Total
7548 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27210 | 1 Nodejs | 1 Nodejs | 2025-07-23 | N/A |
| An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of `path.join` API. | ||||
| CVE-2024-10389 | 1 Google | 1 Safearchive | 2025-07-23 | 7.5 High |
| There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7ce9d7b6f9c6ecd72d0b0f16216b046e55e44dc | ||||
| CVE-2025-46704 | 1 Advantech | 1 Iview | 2025-07-23 | 4.3 Medium |
| A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing an attacker to determine the existence of arbitrary files on the server. | ||||
| CVE-2024-9675 | 2 Buildah Project, Redhat | 21 Buildah, Enterprise Linux, Enterprise Linux Eus and 18 more | 2025-07-23 | 7.8 High |
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | ||||
| CVE-2025-25254 | 1 Fortinet | 1 Fortiweb | 2025-07-22 | 6.8 Medium |
| An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, 7.2 all versions, 7.0 all versions endpoint may allow an authenticated admin to access and modify the filesystem via crafted requests. | ||||
| CVE-2025-20259 | 2 Cisco, Microsoft | 2 Thousandeyes Endpoint Agent, Windows | 2025-07-22 | 5.3 Medium |
| Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An attacker could exploit these vulnerabilities by using a symbolic link to perform an agent upgrade that redirects the delete operation of any protected file. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device. | ||||
| CVE-2025-7645 | 2025-07-22 | 8.1 High | ||
| The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete-file' field in all versions up to, and including, 3.2.8. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, when an administrator deletes the submission, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2025-20277 | 1 Cisco | 1 Unified Contact Center Express | 2025-07-22 | 3.4 Low |
| A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root. | ||||
| CVE-2025-3740 | 2025-07-22 | 8.8 High | ||
| The School Management System for Wordpress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 93.1.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The Local File Inclusion exploit can be chained to include various dashboard view files in the plugin. One such chain can be leveraged to update the password of Super Administrator accounts in Multisite environments making privilege escalation possible. The vendor has updated the version numbers beginning with `1.93.1 (02-07-2025)` for the patched version. This version comes after version 93.1.0. | ||||
| CVE-2025-7643 | 1 Wordpress | 1 Wordpress | 2025-07-22 | 9.1 Critical |
| The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the handle_actions() function in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2025-6233 | 1 Mattermost | 1 Mattermost | 2025-07-22 | 6.8 Medium |
| Mattermost versions 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to sanitize input paths of file attachments in the bulk import JSONL file, which allows a system admin to read arbitrary system files via path traversal. | ||||
| CVE-2025-7896 | 2025-07-22 | 6.3 Medium | ||
| A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function download_video/delete_video of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely. | ||||
| CVE-2015-10134 | 2025-07-22 | 7.5 High | ||
| The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via the download_backup_file function. This is due to a lack of capability checks and file type validation. This makes it possible for attackers to download sensitive files such as the wp-config.php file from the affected site. | ||||
| CVE-2015-10136 | 1 Wordpress | 1 Wordpress | 2025-07-22 | 7.5 High |
| The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
| CVE-2025-34120 | 1 Limesurvey | 1 Limesurvey | 2025-07-21 | N/A |
| An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint (`index.php/admin/update/sa/backup`), allowing attackers to specify arbitrary file paths using a crafted `datasupdateinfo` payload. The files are packaged in a ZIP archive and made available for download without authentication. This vulnerability can be exploited to read arbitrary files on the host system, including sensitive OS and configuration files. | ||||
| CVE-2025-7712 | 1 Wordpress | 1 Wordpress | 2025-07-21 | 9.1 Critical |
| The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip() function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2023-25914 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2025-07-19 | 8.8 High |
| Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise. | ||||
| CVE-2025-6265 | 1 Zyxel | 2 Nwa50ax-pro, Nwa50ax-pro Firmware | 2025-07-19 | 7.2 High |
| A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device. | ||||
| CVE-2025-44177 | 1 Wss | 1 Protop | 2025-07-18 | 8.2 High |
| A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences. | ||||
| CVE-2025-34126 | 2025-07-17 | N/A | ||
| A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information. | ||||