Total
7985 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-1177 | 1 Lfprojects | 1 Mlflow | 2025-02-19 | 9.3 Critical |
| Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | ||||
| CVE-2025-0572 | 1 Santesoft | 1 Sante Pacs Server | 2025-02-19 | 4.3 Medium |
| Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of the current user. Was ZDI-CAN-25308. | ||||
| CVE-2025-0573 | 1 Santesoft | 1 Sante Pacs Server | 2025-02-19 | 5.3 Medium |
| Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to write files in the context of the current user. Was ZDI-CAN-25309. | ||||
| CVE-2025-24965 | 2025-02-19 | 8.7 High | ||
| crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current user to write to the target file. The problem is fixed in crun 1.20 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-0467 | 1 Wppool | 1 Wp Dark Mode | 2025-02-19 | 4.3 Medium |
| The WP Dark Mode WordPress plugin before 4.0.8 does not properly sanitize the style parameter in shortcodes before using it to load a PHP template. This leads to Local File Inclusion on servers where non-existent directories may be traversed, or when chained with another vulnerability allowing arbitrary directory creation. | ||||
| CVE-2022-48361 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-19 | 5.3 Medium |
| The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources. | ||||
| CVE-2023-27700 | 1 Muyucms Project | 1 Muyucms | 2025-02-18 | 8.1 High |
| MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /accessory/picdel.html. | ||||
| CVE-2025-22663 | 2025-02-18 | 8.6 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper Paid Videochat Turnkey Site allows Path Traversal. This issue affects Paid Videochat Turnkey Site: from n/a through 7.2.12. | ||||
| CVE-2022-36982 | 1 Ivanti | 1 Avalanche | 2025-02-18 | 7.5 High |
| This vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967. | ||||
| CVE-2022-36981 | 1 Ivanti | 1 Avalanche | 2025-02-18 | 9.8 Critical |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DeviceLogResource class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15966. | ||||
| CVE-2025-1357 | 2025-02-18 | 4.3 Medium | ||
| A vulnerability classified as problematic has been found in Seventh D-Guard up to 20250206. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-26779 | 2025-02-18 | 4.9 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fahad Mahmood Keep Backup Daily allows Path Traversal. This issue affects Keep Backup Daily: from n/a through 2.1.0. | ||||
| CVE-2025-25284 | 2025-02-18 | N/A | ||
| The ZOO-Project is an open source processing platform, released under MIT/X11 Licence. A vulnerability in ZOO-Project's WPS (Web Processing Service) implementation allows unauthorized access to files outside the intended directory through path traversal. Specifically, the Gdal_Translate service, when processing VRT (Virtual Format) files, does not properly validate file paths referenced in the VRTRasterBand element, allowing attackers to read arbitrary files on the system. The vulnerability exists because the service doesn't properly sanitize the SourceFilename parameter in VRT files, allowing relative path traversal sequences (../). When combined with VRT's raw data handling capabilities, this allows reading arbitrary files as raw binary data and converting them to TIFF format, effectively exposing their contents. This vulnerability is particularly severe because it allows attackers to read sensitive system files, potentially exposing configuration data, credentials, or other confidential information stored on the server. An unauthenticated attacker can read arbitrary files from the system through path traversal, potentially accessing sensitive information such as configuration files, credentials, or other confidential data stored on the server. The vulnerability requires no authentication and can be exploited remotely through the WPS service. This issue has been addressed in commit `5f155a8` and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2025-25243 | 2025-02-18 | 8.6 High | ||
| SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability. | ||||
| CVE-2022-2560 | 1 Enterprisedt | 1 Completeftp Server | 2025-02-18 | 9.1 Critical |
| This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files in the context of SYSTEM. Was ZDI-CAN-17481. | ||||
| CVE-2025-1035 | 2025-02-18 | 5.7 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1. | ||||
| CVE-2021-27798 | 1 Broadcom | 1 Fabric Operating System | 2025-02-15 | 5.5 Medium |
| A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions 7.4.1.x and 7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life published report. | ||||
| CVE-2020-19279 | 1 Wide Project | 1 Wide | 2025-02-14 | 9.8 Critical |
| Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links. | ||||
| CVE-2021-38346 | 1 Brizy | 1 Brizy-page Builder | 2025-02-14 | 8.8 High |
| The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter, which could be prepended with "../" to perform directory traversal, and the file contents were populated via the ibsf parameter, which would be base64-decoded and written to the file. While the plugin added a .jpg extension to all uploaded filenames, a double extension attack was still possible, e.g. a file named shell.php would be saved as shell.php.jpg, and would be executable on a number of common configurations. | ||||
| CVE-2024-51376 | 2025-02-13 | 7.5 High | ||
| Directory Traversal vulnerability in yeqifu carRental v.1.0 allows a remote attacker to obtain sensitive information via the file/downloadFile.action?path= component. | ||||