Total
7846 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-56816 | 2 Datart, Running-elephant | 2 Datart, Datart | 2025-10-10 | 8.8 High |
| Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load() or loadAs() method without input sanitization. This allows deserialization of attacker-controlled YAML content, leading to arbitrary class instantiation. Under certain conditions, this can be exploited to achieve remote code execution (RCE). | ||||
| CVE-2024-45188 | 1 Mage | 1 Mage-ai | 2025-10-10 | 6.5 Medium |
| Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request | ||||
| CVE-2025-0703 | 1 Joeybling | 1 Bootplus | 2025-10-10 | 4.3 Medium |
| A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This issue affects some unknown processing of the file src/main/java/io/github/controller/SysFileController.java. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. | ||||
| CVE-2025-32943 | 1 Framasoft | 1 Peertube | 2025-10-10 | 3.7 Low |
| The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint. | ||||
| CVE-2025-60969 | 2 Endrun, Endruntechnologies | 3 Sonoma D12 Network Time Server, Sonoma D12, Sonoma D12 Firmware | 2025-10-10 | 5.7 Medium |
| Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers to gain sensitive information. | ||||
| CVE-2024-5273 | 1 Jenkins | 1 Report Info | 2025-10-10 | 4.3 Medium |
| Jenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files, allowing attackers with Item/Configure permission to retrieve Surefire failures, PMD violations, Findbugs bugs, and Checkstyle errors on the controller file system by editing the workspace path. | ||||
| CVE-2023-41973 | 1 Zscaler | 1 Client Connector | 2025-10-10 | 7.3 High |
| ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: Win ZApp 4.3.0.121 and later. | ||||
| CVE-2025-3381 | 1 Zhangyanbo2007 | 1 Youkefu | 2025-10-10 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu 4.2.0. This affects an unknown part of the file WebIMController.java of the component File Upload. The manipulation of the argument ID leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54802 | 2 Pyload, Pyload-ng Project | 2 Pyload, Pyload-ng | 2025-10-09 | 9.8 Critical |
| pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-ng CNL Blueprint via package parameter, allowing Arbitrary File Write which leads to Remote Code Execution (RCE). The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside the designated storage directory. This can be abused to overwrite critical system files, including cron jobs and systemd services, leading to privilege escalation and remote code execution as root. This issue is fixed in version 0.5.0b3.dev90. | ||||
| CVE-2025-54387 | 1 Unjs | 1 Ipx | 2025-10-09 | 9.8 Critical |
| IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path separator. This occurs because the check relies on a raw string prefix comparison. This is fixed in versions 1.3.2, 2.1.1 and 3.1.1. | ||||
| CVE-2025-3718 | 1 Nozominetworks | 2 Cmc, Guardian | 2025-10-09 | 7.9 High |
| A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack. | ||||
| CVE-2025-40889 | 1 Nozominetworks | 2 Cmc, Guardian | 2025-10-09 | 8.1 High |
| A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in the /data folder, and/or affect their availability. | ||||
| CVE-2025-5964 | 1 M-files | 1 M-files Server | 2025-10-09 | 6.5 Medium |
| A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server. | ||||
| CVE-2025-51475 | 1 Superagi | 1 Superagi | 2025-10-09 | 5 Medium |
| Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join() and lack of path validation in get_root_input_dir(). | ||||
| CVE-2025-7526 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2025-10-09 | 9.8 Critical |
| The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in all versions up to, and including, 6.6.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). | ||||
| CVE-2025-11018 | 1 Four-faith | 1 Water Conservancy Informatization | 2025-10-08 | 5.3 Medium |
| A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-47211 | 1 Qnap | 2 Qts, Quts Hero | 2025-10-08 | 4.9 Medium |
| A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | ||||
| CVE-2025-35430 | 1 Cisa | 1 Thorium | 2025-10-08 | 5 Medium |
| CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'. A remote, authenticated attacker could access arbitrary files subject to file system permissions. Fixed in 1.1.2. | ||||
| CVE-2025-59304 | 1 Swetrix | 1 Swetrix | 2025-10-08 | 9.8 Critical |
| A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote attacker to achieve Remote Code Execution via a crafted HTTP request. | ||||
| CVE-2025-54261 | 1 Adobe | 1 Coldfusion | 2025-10-08 | 10 Critical |
| ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution by an attacker. The victim must have optional configurations enabled. Scope is changed. | ||||