Total
7108 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24961 | 2025-02-03 | N/A | N/A | ||
| org.gaul S3Proxy implements the S3 API and proxies requests. Users of the filesystem and filesystem-nio2 storage backends could unintentionally expose local files to users. This issue has been addressed in version 2.6.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-24960 | 2025-02-03 | N/A | 8.7 HIGH | ||
| Jellystat is a free and open source Statistics App for Jellyfin. In affected versions Jellystat is directly using a user input in the route(s). This can lead to Path Traversal Vulnerabilities. Since this functionality is only for admin(s), there is very little scope for abuse. However, the `DELETE` `files/:filename` can be used to delete any file. This issue has been addressed in version 1.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2024-57784 | 2025-02-03 | N/A | 5.5 MEDIUM | ||
| An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal. | |||||
| CVE-2024-48885 | 1 Fortinet | 7 Fortimanager, Fortimanager Cloud, Fortios and 4 more | 2025-02-03 | N/A | 5.3 MEDIUM |
| A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.10, 6.4.0 through 6.4.3, FortiVoice versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.9, 6.0.0 through 6.0.12 allows attacker to escalate privilege via specially crafted packets. | |||||
| CVE-2023-27105 | 1 Shanling | 3 Eddict Player, M2x, Mtouch Os | 2025-02-03 | N/A | 9.8 CRITICAL |
| A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows attackers to arbitrarily read, delete, or modify any critical system files via directory traversal. | |||||
| CVE-2024-41973 | 2025-02-03 | N/A | 8.1 HIGH | ||
| A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. | |||||
| CVE-2024-41972 | 2025-02-03 | N/A | 6.5 MEDIUM | ||
| A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges. | |||||
| CVE-2024-41971 | 2025-02-03 | N/A | 8.1 HIGH | ||
| A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. | |||||
| CVE-2023-30265 | 1 Cltphp | 1 Cltphp | 2025-02-03 | N/A | 6.5 MEDIUM |
| CLTPHP <=6.0 is vulnerable to Directory Traversal. | |||||
| CVE-2024-3573 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 9.3 CRITICAL |
| mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root. | |||||
| CVE-2024-1593 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smuggling. Successful exploitation could lead to unauthorized information disclosure or server compromise. | |||||
| CVE-2024-1594 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the `artifact_location` parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component `#` in the artifact location URI to read arbitrary files on the server in the context of the server's process. This issue is similar to CVE-2023-6909 but utilizes a different component of the URI to achieve the same effect. | |||||
| CVE-2024-1560 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 8.1 HIGH |
| A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to properly sanitize user-supplied paths. The issue is present up to version 2.9.2, despite attempts to fix a similar issue in CVE-2023-6831. | |||||
| CVE-2025-24569 | 2025-02-03 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Path Traversal. This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through 1.7.5. | |||||
| CVE-2025-23819 | 2025-02-03 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound WP Cloud allows Absolute Path Traversal. This issue affects WP Cloud: from n/a through 1.4.3. | |||||
| CVE-2024-1558 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in the `_create_model_version()` function within `server/handlers.py` of the mlflow/mlflow repository, due to improper validation of the `source` parameter. Attackers can exploit this vulnerability by crafting a `source` parameter that bypasses the `_validate_non_local_source_contains_relative_paths(source)` function's checks, allowing for arbitrary file read access on the server. The issue arises from the handling of unquoted URL characters and the subsequent misuse of the original `source` value for model version creation, leading to the exposure of sensitive files when interacting with the `/model-versions/get-artifact` handler. | |||||
| CVE-2024-1483 | 1 Lfprojects | 1 Mlflow | 2025-02-03 | N/A | 7.5 HIGH |
| A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers. | |||||
| CVE-2025-24891 | 2025-01-31 | N/A | 9.6 CRITICAL | ||
| Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject malicious payloads into files ran on schedule or upon certain service actions. As the service is not required to run with authentication enabled, this may permit wholly unprivileged users root access. Otherwise, anybody with a PIN. | |||||
| CVE-2024-57728 | 1 Simple-help | 1 Simplehelp | 2025-01-31 | N/A | 7.2 HIGH |
| SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user. | |||||
| CVE-2023-31483 | 1 Cauldrondevelopment | 1 Cbang | 2025-01-31 | N/A | 7.5 HIGH |
| tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the attacker to create or write to files outside the current directory via a crafted tar archive. | |||||