Total: 430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-47106 | 1 Ibm | 1 Jazz For Service Management | 2025-08-08 | N/A | 5.3 MEDIUM | IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system. |
| CVE-2024-4981 | 1 Redhat | 1 Pagure | 2025-08-07 | N/A | 7.6 HIGH | A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally incorporate and make visible content from outside the git repo. |
| CVE-2025-1042 | 1 Gitlab | 1 Gitlab | 2025-08-06 | N/A | 4.9 MEDIUM | An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to view repositories in an unauthorized way. |
| CVE-2025-30103 | 1 Dell | 1 Smartfabric Os10 | 2025-08-06 | N/A | 5.5 MEDIUM | Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to filesystem access for the attacker. |
| CVE-2025-0509 | 2 Netapp, Sparkle-project | 3 Hci Compute Node, Oncommand Workflow Automation, Sparkle | 2025-08-05 | N/A | 7.3 HIGH | A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks. |
| CVE-2025-23276 | | | 2025-08-04 | N/A | 7.8 HIGH | NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. A successful exploit of this vulnerability may lead to escalation of privileges, denial of service, code execution, information disclosure and data tampering. |
| CVE-2024-52047 | 1 Trendmicro | 1 Apex One | 2025-07-29 | N/A | 7.5 HIGH | A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
| CVE-2024-8535 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Gateway | 2025-07-25 | N/A | 8.1 HIGH | An authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources, OR the appliance is configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources. |
| CVE-2025-41240 | | | 2025-07-25 | N/A | 10.0 CRITICAL | Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could retrieve these secrets by accessing specific URLs if the application is exposed externally. The issue affects deployments using the default value of usePasswordFiles=true, which mounts secrets as files into the container fi ... |
| CVE-2023-41566 | | | 2025-07-24 | N/A | 8.1 HIGH | OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions. |
| CVE-2023-20184 | 1 Cisco | 1 Catalyst Center | 2025-07-23 | N/A | 5.4 MEDIUM | Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. |
| CVE-2023-20183 | 1 Cisco | 1 Catalyst Center | 2025-07-23 | N/A | 5.4 MEDIUM | Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory. |
| CVE-2025-34110 | | | 2025-07-15 | N/A | N/A | A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows, allowing unauthenticated attackers to read or write arbitrary files outside the configured FTP root directory. The flaw is due to insufficient sanitization of user-supplied file paths in the FTP GET and PUT command handlers. Exploitation is possible by submitting traversal sequences during FTP operations, enabling access to system-sensitive files. This issue affects only the Windows version of ColoradoFTP. |
| CVE-2024-31141 | 1 Apache | 1 Kafka | 2025-07-15 | N/A | 6.5 MEDIUM | Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and include ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables. In applications where Apache Kafka Clien ... |
| CVE-2025-40908 | 1 Ingydotnet | 1 Yaml-libyaml | 2025-07-02 | N/A | 9.1 CRITICAL | YAML-LibYAML prior to 0.903.0 for Perl uses 2-argument open, allowing existing files to be modified. |
| CVE-2025-45529 | 1 Sscms | 1 Siteserver Cms | 2025-06-30 | N/A | 7.1 HIGH | An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor. |
| CVE-2024-48647 | 1 Sage | 1 Sage Frp 1000 | 2025-06-27 | N/A | 7.2 HIGH | A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server. |
| CVE-2024-50627 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | N/A | 8.8 HIGH | An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access. |
| CVE-2023-52112 | 1 Huawei | 2 Emui, Harmonyos | 2025-06-20 | N/A | 5.3 MEDIUM | Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally. |
| CVE-2023-47202 | 1 Trendmicro | 1 Apex One | 2025-06-17 | N/A | 7.8 HIGH | A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
| CVE-2024-8031 | 1 Wpbookingcalendar | 1 Secure Downloads | 2025-06-12 | N/A | 6.5 MEDIUM | The Secure Downloads WordPress plugin before 1.2.3 does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php. |
| CVE-2024-24161 | 1 Mrcms | 1 Mrcms | 2025-06-12 | N/A | 7.5 HIGH | MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered. |
| CVE-2024-48019 | 1 Apache | 1 Doris | 2025-06-09 | N/A | 5.4 MEDIUM | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris. Application administrators can read arbitrary files from the server filesystem through path traversal. Users are recommended to upgrade to version 2.1.8, 3.0.3 or later, which fixes the issue. |
| CVE-2025-4634 | | | 2025-05-30 | N/A | 4.1 MEDIUM | The web portal on airpointer 2.4.107-2 was vulnerable to local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem. |
| CVE-2025-5273 | | | 2025-05-29 | N/A | 6.5 MEDIUM | All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server. |
| CVE-2025-4134 | | | 2025-05-28 | N/A | 7.3 HIGH | Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux allows a local user to spoof or tamper with the update file via an unverified file write. |
| CVE-2025-4807 | 1 Senior-walter | 1 Online Student Clearance System | 2025-05-28 | 5.0 MEDIUM | 5.3 MEDIUM | A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-4909 | 1 Lerouxyxchire | 1 Client Database Management System | 2025-05-28 | 7.5 HIGH | 7.3 HIGH | A vulnerability classified as critical was found in SourceCodester Client Database Management System 1.0. This vulnerability affects unknown code. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2023-38952 | 1 Zkteco | 1 Biotime | 2025-05-27 | N/A | 7.5 HIGH | Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforced and any authenticated user can leverage admin functions without restriction by making direct requests to administrative endpoints. |
| CVE-2023-5907 | 1 Bitapps | 1 File Manager | 2025-05-27 | N/A | 6.5 MEDIUM | The File Manager WordPress plugin before 6.3 does not restrict the file manager's root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowed to modify the site's files. |
| CVE-2022-41343 | 1 Dompdf Project | 1 Dompdf | 2025-05-22 | N/A | 7.5 HIGH | registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule. |
| CVE-2022-40126 | 1 Clash Project | 1 Clash | 2025-05-21 | N/A | 7.8 HIGH | A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated. |
| CVE-2022-3287 | 1 Fwupd | 1 Fwupd | 2025-05-20 | N/A | 6.5 MEDIUM | When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file. |
| CVE-2023-45160 | 1 1e | 1 Client | 2025-05-20 | N/A | 8.8 HIGH | In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script, by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client's temporary directory is now locked down in the released patch. Resolution: This has been fixed in patch Q23094. This issue has also been fixed in the Mac Client in updated versions of Non-Windows release v8.1.2.62 - please re-downlo ... |
| CVE-2025-21264 | 1 Microsoft | 1 Visual Studio Code | 2025-05-19 | N/A | 7.1 HIGH | Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. |
| CVE-2025-32819 | 1 Sonicwall | 12 Sma 100, Sma 100 Firmware, Sma 200 and 9 more | 2025-05-19 | N/A | 8.8 HIGH | A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file, potentially resulting in a reboot to factory default settings. |
| CVE-2024-22240 | 1 Vmware | 1 Aria Operations For Networks | 2025-05-15 | N/A | 4.9 MEDIUM | Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability, leading to unauthorized access to sensitive information. |
| CVE-2025-2651 | 1 Oretnom23 | 1 Online Eyewear Shop | 2025-05-14 | 5.0 MEDIUM | 5.3 MEDIUM | A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /oews/admin/. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. Multiple sub-directories are affected. |
| CVE-2022-42234 | 1 Ucms Project | 1 Ucms | 2025-05-14 | N/A | 8.8 HIGH | There is a file inclusion vulnerability in the template management module in UCMS 1.6. |
| CVE-2025-21609 | 1 B3log | 1 Siyuan | 2025-05-14 | N/A | 9.1 CRITICAL | SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19. |