Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-6218 | 2025-06-21 | N/A | 7.8 HIGH | ||
| RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of file paths within archive files. A crafted file path can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27198. | |||||
| CVE-2024-23904 | 1 Jenkins | 1 Log Command | 2025-06-20 | N/A | 7.5 HIGH |
| Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins controller file system. | |||||
| CVE-2024-22523 | 1 Fuwushe | 1 Ifair | 2025-06-20 | N/A | 7.5 HIGH |
| Directory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before, allows remote attackers to obtain sensitive information via uploadimage component. | |||||
| CVE-2025-34023 | 2025-06-20 | N/A | N/A | ||
| A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted path traversal sequences (e.g., ../../). This can expose sensitive files such as /etc/passwd and /etc/shadow. | |||||
| CVE-2025-34022 | 2025-06-20 | N/A | N/A | ||
| A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. | |||||
| CVE-2024-12087 | 8 Almalinux, Archlinux, Gentoo and 5 more | 18 Almalinux, Arch Linux, Linux and 15 more | 2025-06-20 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. | |||||
| CVE-2023-52288 | 1 Sujeetkv | 1 Flaskcode | 2025-06-20 | N/A | 7.5 HIGH |
| An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a /resource-data/<file_path>.txt URI (from views.py), allows attackers to read arbitrary files. | |||||
| CVE-2023-48166 | 1 Unify | 1 Openscape Voice | 2025-06-20 | N/A | 7.5 HIGH |
| A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise of the underlying system. | |||||
| CVE-2025-49138 | 1 Haxtheweb | 1 Haxcms-php | 2025-06-20 | N/A | 6.5 MEDIUM |
| HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as /etc/passwd, application secrets, or configuration files accessible to the web server (www-data). The vulnerability stems from the way the HAXCMS backend handles the location field in the site's outline. When a user sends a POST request to /system/api/saveOutline, the backend stores the provided location value directly into the site.json file associated with the site, without validating or sanitizing the input. Later the location parameter is interpreted by the CMS to resolve and load the content for a given node. If the location field contains a relative path like `../../../etc/passwd`, the application will attempt to read and render that file. Version 11.0.0 fixes the issue. | |||||
| CVE-2024-57186 | 1 Erxes | 1 Erxes | 2025-06-20 | N/A | 5.4 MEDIUM |
| In Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler. | |||||
| CVE-2024-57189 | 1 Erxes | 1 Erxes | 2025-06-20 | N/A | 5.4 MEDIUM |
| In Erxes <1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler. | |||||
| CVE-2025-6283 | 2025-06-19 | 2.7 LOW | 3.5 LOW | ||
| A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file apps/dbagent/src/app/api/evals/route.ts. The manipulation of the argument passed leads to path traversal. Upgrading to version 0.3.1 is able to address this issue. The patch is named 03f27055e0cf5d4fa7e874d34ce8c74c7b9086cc. It is recommended to upgrade the affected component. | |||||
| CVE-2025-6282 | 2025-06-19 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function create_upload_file of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The reported GitHub issue was closed automatically with the label "not planned" by a bot. | |||||
| CVE-2025-6281 | 2025-06-19 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6280 | 2025-06-19 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function download_attachment of the file SuperAGI/superagi/helper/read_email.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6278 | 2025-06-19 | 5.2 MEDIUM | 5.5 MEDIUM | ||
| A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4661 | 2025-06-19 | N/A | N/A | ||
| A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit | |||||
| CVE-2024-35081 | 1 Luckyframe | 1 Luckyframeweb | 2025-06-18 | N/A | 7.5 HIGH |
| LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method. | |||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 20 Almalinux, Arch Linux, Linux and 17 more | 2025-06-18 | N/A | 6.5 MEDIUM |
| A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | |||||
| CVE-2025-50202 | 2025-06-18 | N/A | 7.5 HIGH | ||
| Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue has been patched in version 6.6.10. | |||||