Search Results (485 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-3940 2026-04-15 7.5 High
Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the ZAM170-NF-1.8.25-7354-Ver1.0.0 and possibly others.
CVE-2021-4459 1 Sma 8 Sunny Boy, Sunny Boy 1.5, Sunny Boy 2.5 and 5 more 2026-04-15 6.5 Medium
An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.
CVE-2025-54317 1 Logpoint 1 Logpoint 2026-04-15 8.4 High
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).
CVE-2025-58456 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 6.8 Medium
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read arbitrary files on the target machine.
CVE-2025-59336 1 Lumen 1 Luanox 2026-04-15 N/A
Luanox is a module host for Lua packages. Prior to 0.1.1, a file traversal vulnerability can cause potential denial of service by overwriting Phoenix runtime files. Package names like ../../package are not properly filtered and pass the validity check of the rockspec verification system. This causes the uploaded file to be stored at the relative path location. If planned carefully, this could overwrite a runtime file and cause the website to crash. This vulnerability is fixed by 0.1.1.
CVE-2025-11898 1 Flowring 1 Agentflow 2026-04-15 7.5 High
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
CVE-2025-0225 2026-04-15 4.3 Medium
A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: '/../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-24343 2026-04-15 5.4 Medium
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
CVE-2025-55013 1 Assemblyline Project 1 Assemblyline 2026-04-15 4.2 Medium
The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task_handler.py) accepts a SHA-256 value returned by the service server and uses it directly as a local file name.A malicious or compromised server (or any MITM that can speak to client) can return a path-traversal payload such as `../../../etc/cron.d/evil` and force the client to write the downloaded bytes to an arbitrary location on disk. This is fixed in version 4.6.1.dev138.
CVE-2025-49466 2026-04-15 5.8 Medium
aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part,
CVE-2023-1419 1 Redhat 2 Debezium, Integration 2026-04-15 5.9 Medium
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.
CVE-2023-20514 1 Amd 7 Radeon Pro V620, Radeon Pro V710, Radeon Pro Vii and 4 more 2026-04-15 N/A
Improper handling of parameters in the AMD Secure Processor (ASP) could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution
CVE-2024-12645 2026-04-15 6.5 Medium
The topm-client from Chunghwa Telecom has an Arbitrary File Read vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs through phishing. Additionally, one of the APIs contains a Relative Path Traversal vulnerability, allowing attackers to read arbitrary files on the user's system.
CVE-2025-41724 1 Sauter 3 Ey-modulo 5 Devices, Modulo 6 Devices, Wscserver 2026-04-15 7.5 High
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
CVE-2025-62498 1 Automationdirect 8 P1-540, P1-550, P2-550 and 5 more 2026-04-15 8.8 High
A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.
CVE-2025-52207 2026-04-15 9.9 Critical
PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory.
CVE-2024-29155 1 Microchip 1 Rn4870 2026-04-15 4.3 Medium
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair request to be blocked.
CVE-2025-20192 1 Cisco 1 Ios Xe Software 2026-04-15 7.7 High
A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploit this vulnerability by sending crafted IKEv1 messages to the affected device. A successful exploit could allow the attacker to cause the device to reload.
CVE-2025-66386 1 Misp 1 Misp 2026-04-15 4.1 Medium
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.
CVE-2026-22626 1 Hiksemi 1 Hs-afs-s1h1 2026-04-15 4.9 Medium
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages.