Total
354 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15225 | 2025-12-29 | 7.5 High | ||
| WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files. | ||||
| CVE-2025-57403 | 2025-12-29 | 7.5 High | ||
| Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to the potential exposure of sensitive information. | ||||
| CVE-2025-66737 | 2025-12-29 | 4.3 Medium | ||
| Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component. | ||||
| CVE-2024-12642 | 1 Cht | 1 Tenderdoctransfer | 2025-12-23 | 8.1 High |
| TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs through phishing. Additionally, one of the APIs contains a Relative Path Traversal vulnerability, allowing attackers to write arbitrary files to any path on the user's system. | ||||
| CVE-2024-24578 | 1 Raspberrymatic | 1 Raspberrymatic | 2025-12-23 | 10 Critical |
| RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. RaspberryMatic / OCCU prior to version 3.75.6.20240316 contains a unauthenticated remote code execution (RCE) vulnerability, caused by multiple issues within the Java based `HMIPServer.jar` component. RaspberryMatric includes a Java based `HMIPServer`, that can be accessed through URLs starting with `/pages/jpages`. The `FirmwareController` class does however not perform any session id checks, thus this feature can be accessed without a valid session. Due to this issue, attackers can gain remote code execution as root user, allowing a full system compromise. Version 3.75.6.20240316 contains a patch. | ||||
| CVE-2025-62552 | 1 Microsoft | 8 365 Apps, Access, Access 2016 and 5 more | 2025-12-23 | 7.8 High |
| Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-15015 | 1 Ragic | 1 Enterprise Cloud Database | 2025-12-23 | 7.5 High |
| Enterprise Cloud Database developed by Ragic has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. | ||||
| CVE-2025-66626 | 1 Argoproj | 2 Argo-workflows, Argo Workflows | 2025-12-19 | 8.1 High |
| Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's target and the subsequent check are flawed. An attacker can overwrite the file /var/run/argo/argoexec with a script of their choice, which would be executed at the pod's start. The patch deployed against CVE-2025-62156 is ineffective against malicious archives containing symbolic links. This issue is fixed in versions 3.6.14 and 3.7.5. | ||||
| CVE-2025-26645 | 1 Microsoft | 28 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 25 more | 2025-12-17 | 8.8 High |
| Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2016-20023 | 1 Cksource | 1 Ckfinder | 2025-12-17 | 5 Medium |
| In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from the server if the correct path to a file was provided. | ||||
| CVE-2025-40605 | 1 Sonicwall | 11 Email Security, Email Security Appliance 5000, Email Security Appliance 5000 Firmware and 8 more | 2025-12-12 | 5.3 Medium |
| A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories outside the intended restricted path. | ||||
| CVE-2025-12097 | 1 Ni | 1 Labview | 2025-12-08 | 7.5 High |
| There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure. Successful exploitation requires an attacker to send a specially crafted request to the NI System Web Server, allowing the attacker to read arbitrary files. This vulnerability existed in the NI System Web Server 2012 and prior versions. It was fixed in 2013. | ||||
| CVE-2025-25048 | 1 Ibm | 1 Jazz Foundation | 2025-12-02 | 6.5 Medium |
| IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory. | ||||
| CVE-2025-66386 | 1 Misp | 1 Misp | 2025-12-01 | 4.1 Medium |
| app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin. | ||||
| CVE-2025-13771 | 1 Uniong | 1 Webitr | 2025-12-01 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. | ||||
| CVE-2024-47856 | 2 Microsoft, Rsa | 2 Windows, Authentication Agent | 2025-11-26 | 9.8 Critical |
| In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve that executable instead of the intended executable. | ||||
| CVE-2025-64446 | 1 Fortinet | 1 Fortiweb | 2025-11-21 | 9.4 Critical |
| A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. | ||||
| CVE-2025-64757 | 1 Astro | 1 Astro | 2025-11-20 | 3.5 Low |
| Astro is a web framework. Prior to version 5.14.3, a vulnerability has been identified in the Astro framework's development server that allows arbitrary local file read access through the image optimization endpoint. The vulnerability affects Astro development environments and allows remote attackers to read any image file accessible to the Node.js process on the host system. This issue has been patched in version 5.14.3. | ||||
| CVE-2023-5189 | 1 Redhat | 7 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 4 more | 2025-11-20 | 6.3 Medium |
| A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten. | ||||
| CVE-2024-1485 | 2 Devfile, Redhat | 4 Registry-support, Ocp Tools, Openshift and 1 more | 2025-11-20 | 8 High |
| A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed. | ||||