Total
7396 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-58320 | 2025-09-11 | N/A | 7.3 HIGH | ||
| Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. | |||||
| CVE-2025-58321 | 2025-09-11 | N/A | 10.0 CRITICAL | ||
| Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. | |||||
| CVE-2025-51463 | 1 Aimstack | 1 Aim | 2025-09-11 | N/A | 7.0 HIGH |
| Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary files to the server's filesystem via a crafted backup tar file submitted to the run_instruction API, which is extracted without path validation during restoration. | |||||
| CVE-2025-8941 | 2025-09-11 | N/A | 7.8 HIGH | ||
| A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. | |||||
| CVE-2025-6020 | 2025-09-11 | N/A | 7.8 HIGH | ||
| A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. | |||||
| CVE-2025-8753 | 1 Linlinjava | 1 Litemall | 2025-09-11 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13986 | 1 Nagios | 1 Nagios Xi | 2025-09-09 | N/A | 8.8 HIGH |
| Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename operations. Exploitation results in the placement of attacker-controlled PHP files in a web-accessible directory, executed as the www-data user. | |||||
| CVE-2025-58751 | 2025-09-09 | N/A | N/A | ||
| Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the public directory were served bypassing the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (using --host or `server.host` config option), use the public directory feature (enabled by default), and have a symlink in the public directory are affected. Versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20 fix the issue. | |||||
| CVE-2025-58755 | 2025-09-09 | N/A | 8.8 HIGH | ||
| MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function `zip_file.extractall(output_dir)` is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious content is decompressed, it overwrites the system files. In addition, the project allows the download of the zip content through the link, which increases the scope of exploitation of this vulnerability. As of time of publication, no known fixed versions are available. | |||||
| CVE-2024-32023 | 1 Bmaltais | 1 Kohya Ss | 2025-09-08 | N/A | 6.5 MEDIUM |
| Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to a path injection in the `common_gui.py` `find_and_replace` function. This vulnerability is fixed in 23.1.5. | |||||
| CVE-2024-32024 | 1 Bmaltais | 1 Kohya Ss | 2025-09-08 | N/A | 6.5 MEDIUM |
| Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to a path injection in the `common_gui.py` `add_pre_postfix` function. This vulnerability is fixed in 23.1.5. | |||||
| CVE-2025-9566 | 2025-09-08 | N/A | 8.1 HIGH | ||
| There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | |||||
| CVE-2025-5993 | 2025-09-08 | N/A | N/A | ||
| ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process. | |||||
| CVE-2025-58438 | 2025-09-08 | N/A | N/A | ||
| internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method of the internetarchive library. The file.download() method does not properly sanitize user-supplied filenames or validate the final download path. A maliciously crafted filename could contain path traversal sequences (e.g., ../../../../windows/system32/file.txt) or illegal characters that, when processed, would cause the file to be written outside of the intended target directory. An attacker could potentially overwrite critical system files or application configuration files, leading to a denial of service, privilege escalation, or remote code execution, depending on the context in which the library is used. The vulnerability is particularly critical for users on Windows systems, but all operating systems are affected. This issue is fixed in version 5.5.1. | |||||
| CVE-2025-20344 | 1 Cisco | 1 Nexus Dashboard | 2025-09-08 | N/A | 6.5 MEDIUM |
| A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to gain root privileges on the underlying shell on the affected device. | |||||
| CVE-2021-43778 | 1 Glpi-project | 1 Barcode | 2025-09-08 | 5.0 MEDIUM | 9.1 CRITICAL |
| Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file. | |||||
| CVE-2025-48550 | 1 Google | 1 Android | 2025-09-05 | N/A | 5.5 MEDIUM |
| In testGrantSlicePermission of SliceManagerTest.java, there is a possible permanent denial of service due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-42123 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-09-05 | N/A | 7.5 HIGH |
| A Zip slip vulnerability in the Elasticsearch Connector in Liferay Portal 7.3.3 through 7.4.3.18, and Liferay DXP 7.3 before update 6, and 7.4 before update 19 allows attackers to create or overwrite existing files on the filesystem via the installation of a malicious Elasticsearch Sidecar plugin. | |||||
| CVE-2025-48395 | 2025-09-05 | N/A | 4.7 MEDIUM | ||
| An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version of NMC G2 which is available on the Eaton download center. | |||||
| CVE-2024-8510 | 1 N-able | 1 N-central | 2025-09-05 | N/A | 5.3 MEDIUM |
| N-central is vulnerable to a path traversal that allows unintended access to the Apache Tomcat WEB-INF directory. Customer data is not exposed. This vulnerability is present in all deployments of N-central prior to N-central 2024.6. | |||||