Total: 8926 CVEs
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4498 | 1 Lollms | 1 Lollms Web Ui | 2025-07-09 | N/A |
| A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms-webui application, affecting versions v9.7 to the latest. The vulnerability arises from insufficient input validation in the `/apply_settings` function, allowing an attacker to manipulate the `discussion_db_name` parameter to traverse the file system and include arbitrary files. This issue is compounded by the bypass of input filtering in the `install_binding`, `reinstall_binding`, and `unInstall_binding` endpoints, despite the presence of a `sanitize_path_from_endpoint(data.name)` filter. Successful exploitation enables an attacker to upload and execute malicious code on the victim's system, leading to Remote Code Execution (RCE). | ||||
| CVE-2024-1511 | 1 Lollms | 1 Lollms Web Ui | 2025-07-09 | N/A |
| The parisneo/lollms-webui repository is susceptible to a path traversal vulnerability due to inadequate validation of user-supplied file paths. This flaw allows an unauthenticated attacker to read, write, and in certain configurations execute arbitrary files on the server by exploiting various endpoints. The vulnerability can be exploited even when the service is bound to localhost, through cross-site requests facilitated by malicious HTML/JS pages. | ||||
| CVE-2025-28055 | 1 Shinnku | 1 Upset-gal-web | 2025-07-09 | 7.5 High |
| upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerability. | ||||
| CVE-2025-6278 | 1 Upsonic | 1 Upsonic | 2025-07-08 | 5.5 Medium |
| A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-40348 | 1 Bazarr | 1 Bazarr | 2025-07-08 | 8.2 High |
| An issue in the component /api/swaggerui/static of Bazarr v1.4.3 allows unauthenticated attackers to execute a directory traversal. | ||||
| CVE-2025-40573 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2025-07-08 | 4.4 Medium |
| A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to path traversal attacks. This could allow a privileged local attacker to restore backups that are outside the backup folder. | ||||
| CVE-2012-5972 | 1 Specview | 1 Specview | 2025-07-07 | N/A |
| Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI. | ||||
| CVE-2019-0887 | 1 Microsoft | 10 Remote Desktop Client, Windows 10, Windows 11 21h2 and 7 more | 2025-07-07 | 8.0 High |
| A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | ||||
| CVE-2024-54169 | 3 Ibm, Linux, Microsoft | 3 Entirex, Linux Kernel, Windows | 2025-07-07 | 6.5 Medium |
| IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2025-0332 | 1 Progress | 1 Telerik Ui For Winforms | 2025-07-03 | 7.8 High |
| In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory. | ||||
| CVE-2024-25659 | 2 Infinera, Nokia | 2 Tnms, Transcend Network Management System | 2025-07-03 | 7.2 High |
| In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories outside the SFTP user home directory. | ||||
| CVE-2023-32003 | 2 Fedoraproject, Nodejs | 2 Fedora, Node.js | 2025-07-03 | 5.3 Medium |
| `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2012-6069 | 1 3s-software | 1 Codesys Runtime System | 2025-07-02 | 10 Critical |
| The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside the intended scope. This may allow an attacker to upload and download any file on the device. This could allow the attacker to affect the availability, integrity, and confidentiality of the device. | ||||
| CVE-2025-6152 | 1 Steel | 1 Browser | 2025-07-02 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in Steel Browser up to 0.1.3. This affects the function handleFileUpload of the file api/src/modules/files/files.routes.ts. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. The patch is named 7ba93a10000fb77ee01731478ef40551a27bd5b9. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-6167 | 1 Themanojdesai | 1 Python A2a | 2025-07-02 | 5.5 Medium |
| A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal. Upgrading to version 0.5.6 is able to address this issue. It is recommended to upgrade the affected component. | ||||
| CVE-2025-6281 | 1 Openbmb | 1 Xagent | 2025-07-02 | 5.5 Medium |
| A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-32799 | 1 Anaconda | 1 Conda-build | 2025-07-02 | 9.8 Critical |
| Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build processing logic is vulnerable to path traversal (Tarslip) attacks due to improper sanitization of tar entry paths. Attackers can craft tar archives containing entries with directory traversal sequences to write files outside the intended extraction directory. This could lead to arbitrary file overwrites, privilege escalation, or code execution if sensitive locations are targeted. This issue has been patched in version 25.4.0. | ||||
| CVE-2025-37095 | 1 Hpe | 1 Storeonce System | 2025-07-02 | 9.8 Critical |
| A directory traversal information disclosure vulnerability exists in HPE StoreOnce Software. | ||||
| CVE-2025-0823 | 1 Ibm | 1 Cognos Analytics | 2025-07-02 | 6.5 Medium |
| IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2025-48940 | 1 Mybb | 1 Mybb | 2025-07-02 | 7.2 High |
| MyBB is free and open source forum software. Prior to version 1.8.39, the upgrade component does not validate user input properly, which allows attackers to perform local file inclusion (LFI) via a specially crafted parameter value. In order to exploit the vulnerability, the installer must be unlocked (no `install/lock` file present) and the upgrade script must be accessible (by re-installing the forum via access to `install/index.php`; when the forum has not yet been installed; or the attacker is authenticated as a forum administrator). MyBB 1.8.39 resolves this issue. | ||||