Total
6658 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22380 | 1 Github | 1 Enterprise Server | 2025-03-19 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.6. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
| CVE-2024-33535 | 1 Zimbra | 1 Collaboration | 2025-03-19 | N/A | 7.5 HIGH |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves unauthenticated local file inclusion (LFI) in a web application, specifically impacting the handling of the packages parameter. Attackers can exploit this flaw to include arbitrary local files without authentication, potentially leading to unauthorized access to sensitive information. The vulnerability is limited to files within a specific directory. | |||||
| CVE-2024-32115 | 1 Fortinet | 1 Fortimanager | 2025-03-19 | N/A | 5.5 MEDIUM |
| A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPs requests. | |||||
| CVE-2022-38731 | 1 Qaelum | 1 Dose | 2025-03-19 | N/A | 4.3 MEDIUM |
| Qaelum DOSE 18.08 through 21.1 before 21.2 allows Directory Traversal via the loadimages name parameter. It allows a user to specify an arbitrary location on the server's filesystem from which to load an image. (Only images are displayed to the attacker. All other files are loaded but not displayed.) The Content-Type response header reflects the actual content type of the file being requested. This allows an attacker to enumerate files on the local system. Additionally, remote resources can be requested via a UNC path, allowing an attacker to coerce authentication out from the server to the attackers machine. | |||||
| CVE-2022-44299 | 1 Sscms | 1 Siteserver Cms | 2025-03-19 | N/A | 4.9 MEDIUM |
| SiteServerCMS 7.1.3 sscms has a file read vulnerability. | |||||
| CVE-2024-47049 | 1 Czim | 1 File-handling | 2025-03-18 | N/A | 8.2 HIGH |
| The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files. | |||||
| CVE-2024-41310 | 1 Yanzhenjie | 1 Andserver | 2025-03-18 | N/A | 7.5 HIGH |
| AndServer 2.1.12 is vulnerable to Directory Traversal. | |||||
| CVE-2023-25265 | 1 Docmosis | 1 Tornado | 2025-03-18 | N/A | 7.5 HIGH |
| Docmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system. | |||||
| CVE-2023-26255 | 1 Stagil | 1 Stagil Navigation | 2025-03-18 | N/A | 7.5 HIGH |
| An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system. | |||||
| CVE-2025-2493 | 2025-03-18 | N/A | N/A | ||
| Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/scheduler/load.php’ endpoint to navigate beyond the intended directory. This can allow unauthorised access to sensitive files outside the expected scope, posing a security risk. | |||||
| CVE-2025-0694 | 2025-03-18 | N/A | 6.6 MEDIUM | ||
| Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access. | |||||
| CVE-2023-0241 | 1 Pgadmin | 1 Pgadmin 4 | 2025-03-17 | N/A | 6.5 MEDIUM |
| pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database. | |||||
| CVE-2022-0959 | 1 Pgadmin | 1 Pgadmin 4 | 2025-03-17 | 3.5 LOW | 6.5 MEDIUM |
| A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write. | |||||
| CVE-2024-44190 | 1 Apple | 1 Macos | 2025-03-17 | N/A | 5.5 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read arbitrary files. | |||||
| CVE-2025-29787 | 2025-03-17 | N/A | N/A | ||
| `zip` is a zip library for rust which supports reading and writing of simple ZIP files. In the archive extraction routine of affected versions of the `zip` crate starting with version 1.3.0 and prior to version 2.3.0, symbolic links earlier in the archive are allowed to be used for later files in the archive without validation of the final canonicalized path, allowing maliciously crafted archives to overwrite arbitrary files in the file system when extracted. Users who extract untrusted archive files using the following high-level API method may be affected and critical files on the system may be overwritten with arbitrary file permissions, which can potentially lead to code execution. Version 2.3.0 fixes the issue. | |||||
| CVE-2025-2363 | 2025-03-17 | N/A | 6.3 MEDIUM | ||
| A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2015-4068 | 1 Arcserve | 1 Udp | 2025-03-14 | 9.4 HIGH | 9.1 CRITICAL |
| Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted file path to the (1) reportFileServlet or (2) exportServlet servlet. | |||||
| CVE-2023-26265 | 1 Borg Project | 1 Borg | 2025-03-14 | N/A | 5.3 MEDIUM |
| The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them. | |||||
| CVE-2019-7483 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2025-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. | |||||
| CVE-2024-27871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-14 | N/A | 5.5 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6. An app may be able to access protected user data. | |||||