Total
6709 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-57784 | 2025-02-03 | N/A | 5.5 MEDIUM | ||
| An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal. | |||||
| CVE-2024-48885 | 1 Fortinet | 7 Fortimanager, Fortimanager Cloud, Fortios and 4 more | 2025-02-03 | N/A | 5.3 MEDIUM |
| A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets. | |||||
| CVE-2023-27105 | 1 Shanling | 3 Eddict Player, M2x, Mtouch Os | 2025-02-03 | N/A | 9.8 CRITICAL |
| A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal. | |||||
| CVE-2024-41973 | 2025-02-03 | N/A | 8.1 HIGH | ||
| A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. | |||||
| CVE-2024-41972 | 2025-02-03 | N/A | 6.5 MEDIUM | ||
| A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges. | |||||
| CVE-2024-41971 | 2025-02-03 | N/A | 8.1 HIGH | ||
| A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. | |||||
| CVE-2023-30265 | 1 Cltphp | 1 Cltphp | 2025-02-03 | N/A | 6.5 MEDIUM |
| CLTPHP <=6.0 is vulnerable to Directory Traversal. | |||||
| CVE-2019-11510 | 1 Ivanti | 1 Connect Secure | 2025-02-03 | 7.5 HIGH | 10.0 CRITICAL |
| In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . | |||||
| CVE-2022-26500 | 1 Veeam | 1 Veeam Backup \& Replication | 2025-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code. | |||||
| CVE-2024-3573 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 9.3 CRITICAL |
| mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root. | |||||
| CVE-2024-1593 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smuggling. Successful exploitation could lead to unauthorized information disclosure or server compromise. | |||||
| CVE-2024-1594 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect. | |||||
| CVE-2024-1560 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 8.1 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to properly sanitize user-supplied paths. The issue is present up to version 2.9.2, despite attempts to fix a similar issue in CVE-2023-6831. | |||||
| CVE-2025-24605 | 2025-02-03 | N/A | 4.9 MEDIUM | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal. This issue affects WOLF: from n/a through 1.0.8.5. | |||||
| CVE-2025-24569 | 2025-02-03 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Path Traversal. This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through 1.7.5. | |||||
| CVE-2025-23819 | 2025-02-03 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound WP Cloud allows Absolute Path Traversal. This issue affects WP Cloud: from n/a through 1.4.3. | |||||
| CVE-2022-41352 | 1 Zimbra | 1 Collaboration | 2025-02-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio. | |||||
| CVE-2024-1558 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that bypasses the `_validate_non_local_source_contains_relative_paths(source)` function's checks, allowing for arbitrary file read access on the server. The issue arises from the handling of unquoted URL characters and the subsequent misuse of the original `source` value for model version creation, leading to the exposure of sensitive files when interacting with the `/model-versions/get-artifact` handler. | |||||
| CVE-2024-1483 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers. | |||||
| CVE-2025-0973 | 2025-02-03 | 5.5 MEDIUM | 5.4 MEDIUM | ||
| A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAll_action in the library lib/admin/database_admin.php of the file /index.php?case=database&act=backAll&admin_dir=admin&site=default. The manipulation of the argument select[] leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||