Total
7800 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-5115 | 2 Debian, Redhat | 7 Debian Linux, Ansible Automation Platform, Ansible Automation Platform Developer and 4 more | 2025-10-09 | 6.3 Medium |
| An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path. | ||||
| CVE-2025-54802 | 2 Pyload, Pyload-ng Project | 2 Pyload, Pyload-ng | 2025-10-09 | 9.8 Critical |
| pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-ng CNL Blueprint via package parameter, allowing Arbitrary File Write which leads to Remote Code Execution (RCE). The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside the designated storage directory. This can be abused to overwrite critical system files, including cron jobs and systemd services, leading to privilege escalation and remote code execution as root. This issue is fixed in version 0.5.0b3.dev90. | ||||
| CVE-2025-54387 | 1 Unjs | 1 Ipx | 2025-10-09 | 9.8 Critical |
| IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path separator. This occurs because the check relies on a raw string prefix comparison. This is fixed in versions 1.3.2, 2.1.1 and 3.1.1. | ||||
| CVE-2025-3718 | 1 Nozominetworks | 2 Cmc, Guardian | 2025-10-09 | 7.9 High |
| A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack. | ||||
| CVE-2025-40889 | 1 Nozominetworks | 2 Cmc, Guardian | 2025-10-09 | 8.1 High |
| A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in the /data folder, and/or affect their availability. | ||||
| CVE-2025-5964 | 1 M-files | 1 M-files Server | 2025-10-09 | 6.5 Medium |
| A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server. | ||||
| CVE-2025-51475 | 1 Superagi | 1 Superagi | 2025-10-09 | 5 Medium |
| Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join() and lack of path validation in get_root_input_dir(). | ||||
| CVE-2025-7526 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2025-10-09 | 9.8 Critical |
| The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2025-11018 | 1 Four-faith | 1 Water Conservancy Informatization | 2025-10-08 | 5.3 Medium |
| A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-47211 | 1 Qnap | 2 Qts, Quts Hero | 2025-10-08 | 4.9 Medium |
| A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | ||||
| CVE-2025-35430 | 1 Cisa | 1 Thorium | 2025-10-08 | 5 Medium |
| CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'. A remote, authenticated attacker could access arbitrary files subject to file system permissions. Fixed in 1.1.2. | ||||
| CVE-2025-59304 | 1 Swetrix | 1 Swetrix | 2025-10-08 | 9.8 Critical |
| A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote attacker to achieve Remote Code Execution via a crafted HTTP request. | ||||
| CVE-2025-54261 | 1 Adobe | 1 Coldfusion | 2025-10-08 | 10 Critical |
| ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution by an attacker. The victim must have optional configurations enabled. Scope is changed. | ||||
| CVE-2025-51480 | 2 Linuxfoundation, Onnx | 2 Onnx, Onnx | 2025-10-08 | 8.8 High |
| Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions. | ||||
| CVE-2025-51481 | 1 Dagsterlabs | 1 Dagster | 2025-10-07 | 6.6 Medium |
| Local File Inclusion in dagster._grpc.impl.get_notebook_data in Dagster 1.10.14 allows attackers with access to the gRPC server to read arbitrary files by supplying path traversal sequences in the notebook_path field of ExternalNotebookData requests, bypassing the intended extension-based check. | ||||
| CVE-2025-11031 | 2 Datatables, Sprymedia | 2 Datatables, Datatables | 2025-10-07 | 5.3 Medium |
| A flaw has been found in DataTables up to 1.10.13. The affected element is an unknown function of the file /examples/resources/examples.php. This manipulation of the argument src causes path traversal. It is possible to initiate the attack remotely. The exploit has been published and may be used. Upgrading to version 1.10.15 is sufficient to fix this issue. Patch name: 3b24f99ac4ddb7f9072076b0d07f0b1a408f177a. Upgrading the affected component is advised. This vulnerability was initially reported for code-projects Faculty Management System but appears to affect DataTables as an upstream component instead. The vendor of DataTables explains: "I would suggest that the author upgrade to the latest versions of DataTables (actually, they shouldn't really be deploying that file to their own server at all - it is only relevant for the DataTables examples)." | ||||
| CVE-2025-33034 | 1 Qnap | 2 Qsync, Qsync Central | 2025-10-07 | 6.5 Medium |
| A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later | ||||
| CVE-2025-5740 | 2025-10-07 | 7.2 High | ||
| CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file writes when an authenticated user on the web server manipulates file path. | ||||
| CVE-2025-9409 | 2 Lostvip, Ruoyi | 2 Ruoyi-go, Ruoyi | 2025-10-06 | 4.3 Medium |
| A security flaw has been discovered in lostvip-com ruoyi-go up to 2.1. Impacted is the function DownloadTmp/DownloadUpload of the file modules/system/controller/CommonController.go. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-58590 | 2025-10-06 | 6.5 Medium | ||
| It's possible to brute force folders and files, what can be used by an attacker to steal sensitve information. | ||||