Total
6715 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31477 | 1 Gl-inet | 64 Gl-a1300, Gl-a1300 Firmware, Gl-ap1300 and 61 more | 2025-01-27 | N/A | 7.5 HIGH |
| A path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrary directory, such as /tmp or /etc, because there is no server-side restriction to limit sharing to the USB path. | |||||
| CVE-2023-30172 | 1 Lfprojects | 1 Mlflow | 2025-01-27 | N/A | 7.5 HIGH |
| A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. | |||||
| CVE-2023-29986 | 1 Spring-boot-actuator-logview Project | 1 Spring-boot-actuator-logview | 2025-01-27 | N/A | 5.3 MEDIUM |
| spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view. | |||||
| CVE-2023-23169 | 1 Synapsoft | 1 Pdfocus | 2025-01-27 | N/A | 6.5 MEDIUM |
| Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal. | |||||
| CVE-2024-45598 | 2025-01-27 | N/A | 6.0 MEDIUM | ||
| Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29. | |||||
| CVE-2025-0542 | 2025-01-25 | N/A | 7.8 HIGH | ||
| Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write. | |||||
| CVE-2023-38012 | 2025-01-25 | N/A | 5.3 MEDIUM | ||
| IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | |||||
| CVE-2024-12885 | 2025-01-25 | N/A | 6.5 MEDIUM | ||
| The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation when deleting a connections image directory in all versions up to, and including, 10.4.66. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary folders on the server and all their content. | |||||
| CVE-2025-0703 | 2025-01-24 | 4.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This issue affects some unknown processing of the file src/main/java/io/github/controller/SysFileController.java. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. | |||||
| CVE-2025-24611 | 2025-01-24 | N/A | 4.9 MEDIUM | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Smackcoders WP Ultimate Exporter allows Absolute Path Traversal. This issue affects WP Ultimate Exporter: from n/a through 2.9. | |||||
| CVE-2024-3848 | 1 Lfprojects | 1 Mlflow | 2025-01-24 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal. | |||||
| CVE-2020-13377 | 1 Loadbalancer | 1 Enterprise Va Max | 2025-01-24 | N/A | 8.1 HIGH |
| The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files. | |||||
| CVE-2024-7634 | 1 F5 | 2 Nginx Agent, Nginx Instance Manager | 2025-01-24 | N/A | 4.9 MEDIUM |
| NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. | |||||
| CVE-2024-2552 | 1 Paloaltonetworks | 1 Pan-os | 2025-01-24 | N/A | 6.0 MEDIUM |
| A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. | |||||
| CVE-2024-23607 | 1 F5 | 2 F5os-a, F5os-c | 2025-01-24 | N/A | 5.5 MEDIUM |
| A directory traversal vulnerability exists in the F5OS QKView utility that allows an authenticated attacker to read files outside the QKView directory. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-23422 | 2025-01-24 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Store Locator allows PHP Local File Inclusion. This issue affects Store Locator: from n/a through 3.98.10. | |||||
| CVE-2024-54535 | 1 Apple | 4 Ipados, Iphone Os, Visionos and 1 more | 2025-01-23 | N/A | 4.3 MEDIUM |
| A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1. An attacker with access to calendar data could also read reminders. | |||||
| CVE-2024-42471 | 1 Github | 2 Actions\/artifact, Actions Toolkit | 2025-01-23 | N/A | 7.3 HIGH |
| actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting a specifically crafted artifact that contains path traversal filenames. Users are advised to upgrade to version 2.1.2 or higher. There are no known workarounds for this issue. | |||||
| CVE-2024-27102 | 1 Pterodactyl | 1 Wings | 2025-01-23 | N/A | 9.9 CRITICAL |
| Wings is the server control plane for Pterodactyl Panel. This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can potentially be used to access files and directories on the host system. The full scope of impact is exactly unknown, but reading files outside of a server's base directory (sandbox root) is possible. In order to use this exploit, an attacker must have an existing "server" allocated and controlled by Wings. Details on the exploitation of this vulnerability are embargoed until March 27th, 2024 at 18:00 UTC. In order to mitigate this vulnerability, a full rewrite of the entire server filesystem was necessary. Because of this, the size of the patch is massive, however effort was made to reduce the amount of breaking changes. Users are advised to update to version 1.11.9. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-32985 | 1 Jenkins | 1 Sidebar Link | 2025-01-23 | N/A | 4.3 MEDIUM |
| Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | |||||