Total: 8266 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-55214 | | | 2025-08-18 | N/A | N/A | Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE/--trust flag. As it turns out, a safe template can currently write files outside the destination path where a project shall be generated or updated. This is possible when rendering a generated directory structure whose render ... |
| CVE-2025-20051 | 1 Mattermost | 1 Mattermost Server | 2025-08-18 | N/A | 9.9 CRITICAL | Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards. |
| CVE-2025-8356 | 1 Xerox | 1 Freeflow Core | 2025-08-18 | N/A | 9.8 CRITICAL | In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution (RCE), allowing the attacker to run arbitrary commands on the system. |
| CVE-2024-56477 | 1 Ibm | 1 Power Hardware Management Console | 2025-08-18 | N/A | 6.5 MEDIUM | IBM Power Hardware Management Console V10.3.1050.0 could allow an authenticated user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. |
| CVE-2024-45652 | 1 Ibm | 1 Maximo Asset Management | 2025-08-18 | N/A | 6.5 MEDIUM | IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. |
| CVE-2025-3485 | 1 Alltena | 1 Allegra | 2025-08-18 | N/A | 8.8 HIGH | Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the extractFileFromZip method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to exe ... |
| CVE-2025-54652 | 1 Huawei | 1 Harmonyos | 2025-08-18 | N/A | 8.4 HIGH | Path traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality of the virtualization module. |
| CVE-2025-54653 | 1 Huawei | 1 Harmonyos | 2025-08-18 | N/A | 8.4 HIGH | Path traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the confidentiality of the virtualization file module. |
| CVE-2023-42129 | 1 A10networks | 2 Advanced Core Operating System, Thunder Application Delivery Controller | 2025-08-18 | N/A | 6.5 MEDIUM | A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability. The specific flaw exists within the ShowTechDownloadView class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability ... |
| CVE-2023-42130 | 1 A10networks | 2 Advanced Core Operating System, Thunder Application Delivery Controller | 2025-08-18 | N/A | 8.8 HIGH | A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability. This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileMgmtExport class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability t ... |
| CVE-2025-53793 | 1 Microsoft | 1 Azure Stack Hub | 2025-08-18 | N/A | 7.5 HIGH | Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. |
| CVE-2024-11944 | 1 Ixsystems | 2 Truenas, Truenas Firmware | 2025-08-18 | N/A | 8.8 HIGH | iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tarfile.extractall method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage ... |
| CVE-2025-2449 | 1 Ni | 1 Flexlogger | 2025-08-18 | N/A | 8.8 HIGH | NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of URI files by the usiReg component. The issue results from the lack of proper validation of a user-supplied path ... |
| CVE-2024-46954 | 1 Artifex | 1 Ghostscript | 2025-08-15 | N/A | 7.8 HIGH | An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal. |
| CVE-2024-6971 | 1 Lollms | 1 Lollms-webui | 2025-08-15 | N/A | 4.4 MEDIUM | A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the `lollms_file_system.py` file. The functions `add_rag_database`, `toggle_mount_rag_database`, and `vectorize_folder` do not implement security measures such as `sanitize_path_from_endpoint` or `sanitize_path`. This allows an attacker to perform vectorize operations on `.sqlite` files in any directory on the victim's computer, potentially installing multiple packages and causing a crash. |
| CVE-2024-0844 | 1 Felixmoira | 1 Ai Popup | 2025-08-15 | N/A | 4.7 MEDIUM | The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. This makes it possible for authenticated attackers, with administrator-level access and above, to include and execute arbitrary files ending with "Form.php" on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in c ... |
| CVE-2021-21001 | 1 Wago | 54 750-8202, 750-8202 Firmware, 750-8203 and 51 more | 2025-08-15 | 4.0 MEDIUM | 9.1 CRITICAL | On WAGO PFC200 devices in different firmware versions, with specially crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. |
| CVE-2025-8081 | 1 Elementor | 1 Website Builder | 2025-08-15 | N/A | 4.9 MEDIUM | The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the Import_Images::import() function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. |
| CVE-2025-3486 | 1 Alltena | 1 Allegra | 2025-08-15 | N/A | 8.8 HIGH | Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the isZipEntryValide method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute ... |
| CVE-2025-3884 | 1 Cloudera | 1 Hue | 2025-08-15 | N/A | 7.5 HIGH | Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cloudera Hue. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Ace Editor web application. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose ... |
| CVE-2025-49559 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2025-08-15 | N/A | 5.3 MEDIUM | Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction. |
| CVE-2025-54715 | | | 2025-08-15 | N/A | 4.9 MEDIUM | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager allows Path Traversal. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.9.0. |
| CVE-2025-7641 | | | 2025-08-15 | N/A | 7.5 HIGH | The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability. |
| CVE-2025-53632 | 1 Ctfer-io | 1 Chall-manager | 2025-08-14 | N/A | 9.1 CRITICAL | Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommended to bury Chall-Manager deep within the infrastructure due to its large capabilities, so no users could reach the system. Pa ... |
| CVE-2023-44451 | 1 Linuxmint | 1 Xreader | 2025-08-14 | N/A | 7.8 HIGH | Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EPUB files. The issue results from the lack of proper validation of a user-supplied path prior to using it i ... |
| CVE-2011-10010 | | | 2025-08-14 | N/A | N/A | QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitization of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or ex ... |
| CVE-2011-10009 | | | 2025-08-14 | N/A | N/A | S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending traversal sequences and a null byte to bypass file extension checks. |
| CVE-2023-38012 | 1 Ibm | 1 Cloud Pak System | 2025-08-14 | N/A | 5.3 MEDIUM | IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. |
| CVE-2022-0369 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2025-08-14 | N/A | 8.8 HIGH | Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user ... |
| CVE-2025-55169 | 1 Wegia | 1 Wegia | 2025-08-14 | N/A | 6.5 MEDIUM | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/download_remessa.php endpoint. This vulnerability could allow an attacker to gain unauthorized access to local files in the server and sensitive information stored in config.php. config.php contains information that could allow direct access to the database. This issue has been p ... |
| CVE-2024-52964 | 1 Fortinet | 2 Fortimanager, Fortimanager Cloud | 2025-08-14 | N/A | 5.5 MEDIUM | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9 and below 7.0.13 & FortiManager Cloud version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5 and before 7.2.9 allows an authenticated remote attacker to overwrite arbitrary files via FGFM crafted requests. |
| CVE-2025-8151 | 1 Hasthemes | 1 Ht Mega | 2025-08-13 | N/A | 4.3 MEDIUM | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9.1 via the 'save_block_css' function. This makes it possible for authenticated attackers, with Author-level access and above, to create CSS files in any directory, and delete CSS files in any directory in a Windows environment. |
| CVE-2025-0818 | | | 2025-08-13 | N/A | 6.5 MEDIUM | Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an instance of the file manager available to users. |
| CVE-2023-34298 | 1 Ivanti | 3 Pulse Secure Desktop Client, Pulse Secure Installer Service, Secure Access Client | 2025-08-13 | N/A | 7.8 HIGH | Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within SetupService. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operat ... |
| CVE-2023-41181 | 1 Lg | 1 Supersign Media Editor | 2025-08-12 | N/A | 5.3 MEDIUM | LG SuperSign Media Editor getSubFolderList Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG SuperSign Media Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getSubFolderList method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage th ... |
| CVE-2023-40517 | 1 Lg | 1 Supersign Media Editor | 2025-08-12 | N/A | 7.5 HIGH | LG SuperSign Media Editor ContentRestController getObject Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG SuperSign Media Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getObject method implemented in the ContentRestController class. The issue results from the lack of proper validation of a user-supplied path prior to u ... |
| CVE-2025-0799 | 1 Ibm | 1 App Connect Enterprise | 2025-08-12 | N/A | 6.5 MEDIUM | IBM App Connect Enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories. |
| CVE-2025-8480 | 1 Alpsalpine | 2 Ilx-507, Ilx-507 Firmware | 2025-08-12 | N/A | 8.0 HIGH | Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Tidal music streaming application. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute co ... |
| CVE-2025-7694 | 1 Xtendify | 1 Woffice | 2025-08-12 | N/A | 6.8 MEDIUM | The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the woffice_file_manager_delete() function in all versions up to, and including, 5.4.26. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). |
| CVE-2025-2328 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2025-08-12 | N/A | 8.8 HIGH | The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'dnd_remove_uploaded_files' function in all versions up to, and including, 1.3.8.7. This makes it possible for unauthenticated attackers to add arbitrary file paths (such as ../../../../wp-config.php) to uploaded files on the server, which can easily lead to remote code execution when an Administrator deletes the message. Exploiti ... |
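Several entries in the table (CVE-2025-3485 and CVE-2025-3486 in Allegra's extractFileFromZip/isZipEntryValide, CVE-2024-11944 in TrueNAS's tarfile.extractall, CVE-2025-53632 in Chall-Manager's scenario decoding) are one bug: an archive member name is joined onto the destination directory and written without checking where the result lands. The following is an added example and not code from any of those projects. It builds two constructed malicious archives in memory and extracts them with a containment check (os.path.realpath plus os.path.commonpath) that drops `..` members, absolute names and, for tar, link and device members. All function and file names are illustrative.

```python
import io
import os
import tarfile
import tempfile
import zipfile
from typing import Dict, List, Optional, Tuple

def resolve_inside(dest: str, member_name: str) -> Optional[str]:
    """On-disk path for member_name if it stays under dest, else None.
    realpath() collapses '..' and follows symlinks already under dest, so the
    containment test is made on the path that open() would actually use."""
    if not member_name or "\x00" in member_name:
        return None
    # Absolute names and drive/UNC forms never belong in an archive.
    if member_name.startswith(("/", "\\")) or os.path.splitdrive(member_name)[0]:
        return None
    dest_real = os.path.realpath(dest)
    # Treat backslash as a separator too, so '..\\x' is not a plain file name on POSIX.
    candidate = os.path.realpath(os.path.join(dest_real, member_name.replace("\\", "/")))
    if candidate == dest_real:
        return None  # a member that *is* the destination is never legitimate
    if os.path.commonpath([dest_real, candidate]) != dest_real:
        return None
    return candidate

def safe_extract_zip(zf: zipfile.ZipFile, dest: str) -> Tuple[List[str], List[str]]:
    """Extract zf into dest; returns (extracted_names, rejected_names)."""
    extracted, rejected = [], []
    for info in zf.infolist():
        target = resolve_inside(dest, info.filename)
        if target is None:
            rejected.append(info.filename)
            continue
        if info.is_dir():
            os.makedirs(target, exist_ok=True)
        else:
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
        extracted.append(info.filename)
    return extracted, rejected

def safe_extract_tar(tf: tarfile.TarFile, dest: str) -> Tuple[List[str], List[str]]:
    """Same for tar, additionally dropping links and device nodes: a symlink member
    followed by a file member written through it is the classic tar escape."""
    extracted, rejected = [], []
    for member in tf.getmembers():
        target = resolve_inside(dest, member.name)
        if target is None or member.issym() or member.islnk() or member.isdev():
            rejected.append(member.name)
            continue
        if member.isdir():
            os.makedirs(target, exist_ok=True)
        elif member.isfile():
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tf.extractfile(member) as src, open(target, "wb") as dst:
                dst.write(src.read())
        extracted.append(member.name)
    return extracted, rejected

def build_malicious_zip() -> bytes:
    """Constructed sample: one benign entry and three that try to escape."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("README.txt"), b"benign")
        zf.writestr(zipfile.ZipInfo("../../etc/cron.d/job"), b"* * * * * root id\n")
        zf.writestr(zipfile.ZipInfo("/tmp/absolute.txt"), b"x")
        zf.writestr(zipfile.ZipInfo("sub/../../escape.txt"), b"x")
    return buf.getvalue()

def build_malicious_tar() -> bytes:
    """Constructed sample: a benign file, a '..' escape, a symlink to /etc, and a file under it."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name: str, data: bytes) -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
        add_file("notes.txt", b"benign")
        add_file("../evil.sh", b"#!/bin/sh\nid\n")
        link = tarfile.TarInfo("out")
        link.type = tarfile.SYMTYPE
        link.linkname = "/etc"
        tf.addfile(link)
        add_file("out/passwd", b"root::0:0::/:/bin/sh\n")
    return buf.getvalue()

def demo() -> Dict[str, List[str]]:
    """Extract both constructed archives into a scratch directory and report what happened."""
    with tempfile.TemporaryDirectory() as dest:
        with zipfile.ZipFile(io.BytesIO(build_malicious_zip())) as zf:
            zip_ok, zip_bad = safe_extract_zip(zf, dest)
        with tarfile.open(fileobj=io.BytesIO(build_malicious_tar()), mode="r") as tf:
            tar_ok, tar_bad = safe_extract_tar(tf, dest)
        inside = sorted(os.listdir(dest))
    return {"zip_ok": zip_ok, "zip_bad": zip_bad, "tar_ok": tar_ok,
            "tar_bad": tar_bad, "inside": inside}
```

Running `demo()` extracts only README.txt, notes.txt and out/passwd and reports the four escaping members as rejected; because the symlink member is dropped, `out` becomes an ordinary directory rather than a pointer into /etc. For tar specifically, Python 3.12's `tarfile.extractall(..., filter="data")` applies equivalent rules in the standard library; `zipfile` has no such filter, so the containment check there remains the caller's job.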
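CVE-2024-46954 (Ghostscript: an overlong UTF-8 encoding that decodes to `../`) and CVE-2011-10009 (S40 CMS: traversal sequences plus a null byte to defeat an extension check) both beat a string check by handing it something other than what the file system will eventually see. The following is an added example, not code from either project: a minimal UTF-8 decoder with and without the overlong check, a lookup that models the broken order of checks (a `..` filter on the raw bytes, an extension check on the decoded string, and a C-style open() that stops at the first NUL), and a hardened version that rejects NUL, decodes strictly and normalises before checking. The `root` value, the `.php` rule and the attack strings are constructed for illustration.

```python
import posixpath
from typing import Dict, Optional, Tuple

def _decode_utf8(data: bytes, reject_overlong: bool) -> str:
    """Minimal UTF-8 decoder. With reject_overlong=False it has the classic bug:
    it accepts 0xC0 0xAE as '.', a form the standard forbids."""
    out, i = [], 0
    while i < len(data):
        lead = data[i]
        if lead < 0x80:
            cp, extra, minimum = lead, 0, 0
        elif lead & 0xE0 == 0xC0:
            cp, extra, minimum = lead & 0x1F, 1, 0x80
        elif lead & 0xF0 == 0xE0:
            cp, extra, minimum = lead & 0x0F, 2, 0x800
        elif lead & 0xF8 == 0xF0:
            cp, extra, minimum = lead & 0x07, 3, 0x10000
        else:
            raise ValueError("invalid lead byte")
        if i + extra >= len(data):
            raise ValueError("truncated sequence")
        for j in range(1, extra + 1):
            cont = data[i + j]
            if cont & 0xC0 != 0x80:
                raise ValueError("invalid continuation byte")
            cp = (cp << 6) | (cont & 0x3F)
        if reject_overlong and cp < minimum:
            raise ValueError("overlong encoding")
        out.append(chr(cp))
        i += extra + 1
    return "".join(out)

def decode_utf8_lenient(data: bytes) -> str:
    return _decode_utf8(data, reject_overlong=False)

def decode_utf8_strict(data: bytes) -> str:
    return _decode_utf8(data, reject_overlong=True)

def vulnerable_lookup(root: str, raw: bytes) -> Optional[str]:
    """Models the broken pattern; returns the path a C-level open() would receive."""
    if b".." in raw:
        return None                      # only sees literal dots in the raw bytes
    decoded = decode_utf8_lenient(raw)   # ...and the decoder manufactures them
    if not decoded.endswith(".php"):
        return None                      # passes: the '.php' sits after the NUL
    as_c_string = decoded.split("\x00", 1)[0]
    return root + "/" + as_c_string

def hardened_lookup(root: str, raw: bytes) -> Optional[str]:
    """Reject NUL, decode strictly, normalise lexically, then run the checks on the result."""
    if b"\x00" in raw:
        return None
    try:
        decoded = decode_utf8_strict(raw)
    except ValueError:
        return None
    if "\\" in decoded or posixpath.isabs(decoded):
        return None
    norm = posixpath.normpath(decoded)
    if norm == ".." or norm.startswith("../"):
        return None                      # '..' survived normalisation: escape attempt
    if not norm.endswith(".php"):
        return None                      # the extension check runs on the final path
    return posixpath.join(root, norm)

# Constructed inputs, as the query value would arrive after the framework's own decoding.
ATTACKS: Dict[str, bytes] = {
    "plain":    b"../../etc/passwd\x00.php",
    "overlong": b"\xc0\xae\xc0\xae/\xc0\xae\xc0\xae/etc/passwd\x00.php",
    "legit":    b"pages/about.php",
}

def compare(root: str) -> Dict[str, Tuple[Optional[str], Optional[str]]]:
    """(vulnerable result, hardened result) for each constructed input."""
    return {name: (vulnerable_lookup(root, raw), hardened_lookup(root, raw))
            for name, raw in ATTACKS.items()}
```

With `compare("/var/www")` the plain `..` payload is stopped by both versions, but the overlong one passes every check in `vulnerable_lookup` and reaches the file API as `/var/www/../../etc/passwd`, while `hardened_lookup` returns None. CPython's own `bytes.decode("utf-8")` already rejects overlong forms, which is the practical lesson: do not hand-roll the decoder, and run every check on the canonical value rather than on the raw input. The lexical normalisation here does not see symlinks under the root, so a realpath containment check at open time is still worth adding.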
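The IBM entries (CVE-2024-56477, CVE-2024-45652, CVE-2023-38012) describe the attacker side as a URL containing "dot dot" sequences, which is also what a responder has to find in access logs. As an added detection example that is not part of the page, the scanner below canonicalises each request target (two rounds of percent-decoding for double encoding, a table of overlong UTF-8 spellings of `.`, `/` and `\`, and backslash-as-separator) before looking for a `..` segment or a NUL byte, so the encoded variants are caught together with the plain form. The log lines are constructed, not real traffic, and the combined-log regex is an assumption about the log format.

```python
import re
from typing import List, Tuple
from urllib.parse import unquote_to_bytes

# Constructed sample lines (not real traffic) in combined log format.
SAMPLE_LOG = """\
10.0.0.5 - - [18/Aug/2025:10:01:02 +0000] "GET /index.php?p=about HTTP/1.1" 200 512
10.0.0.9 - - [18/Aug/2025:10:01:05 +0000] "GET /index.php?p=../../../../etc/passwd%00 HTTP/1.1" 200 1843
10.0.0.9 - - [18/Aug/2025:10:01:07 +0000] "GET /files/%2e%2e/%2e%2e/windows/win.ini HTTP/1.1" 404 0
10.0.0.9 - - [18/Aug/2025:10:01:09 +0000] "GET /files/%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 403 0
10.0.0.9 - - [18/Aug/2025:10:01:11 +0000] "GET /files/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.1" 200 1843
10.0.0.12 - - [18/Aug/2025:10:01:13 +0000] "GET /files/..%5c..%5cboot.ini HTTP/1.1" 404 0
10.0.0.7 - - [18/Aug/2025:10:01:15 +0000] "GET /static/app..css HTTP/1.1" 200 90
"""

# Overlong UTF-8 spellings of '.', '/' and '\' that a lenient decoder turns into ASCII.
OVERLONG = {
    b"\xc0\xae": b".", b"\xe0\x80\xae": b".",
    b"\xc0\xaf": b"/", b"\xe0\x80\xaf": b"/",
    b"\xc1\x9c": b"\\", b"\xe0\x81\x9c": b"\\",
}

REQUEST = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"')
# A '..' segment at the start or after a separator, '?', '=' or '&', followed by '/' or end.
TRAVERSAL = re.compile(rb"(?:^|[/?=&])\.\.(?:/|$)")

def canonicalise(target: str) -> bytes:
    """Undo the encodings an attacker layers on before the server's own decoder does."""
    raw = unquote_to_bytes(target)
    raw = unquote_to_bytes(raw)          # second pass catches %252e-style double encoding
    for encoded, plain in OVERLONG.items():
        raw = raw.replace(encoded, plain)
    return raw.replace(b"\\", b"/")

def find_traversal(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (client_ip, original_target, reason) for each request that looks like traversal."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        canon = canonicalise(m.group("target"))
        if b"\x00" in canon:
            hits.append((m.group("ip"), m.group("target"), "nul-byte"))
        elif TRAVERSAL.search(canon):
            hits.append((m.group("ip"), m.group("target"), "dot-dot"))
    return hits
```

Run against `SAMPLE_LOG` this flags five requests (four from 10.0.0.9, one from 10.0.0.12) and leaves `/static/app..css` alone, since the `..` there is inside a file name rather than a path segment. Decoding twice unconditionally will also rewrite a legitimate literal `%25`, which is acceptable for a detection rule but not for the server-side canonicalisation the rule is meant to mirror.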