Total
7935 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68155 | 2025-12-16 | 7.5 High | ||
| @vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the `/__vite_rsc_findSourceMapURL` endpoint in `@vitejs/plugin-rsc` allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sending a crafted HTTP request with a `file://` URL in the `filename` query parameter. Version 0.5.8 fixes the issue. | ||||
| CVE-2025-65345 | 1 Alexusmai | 2 Laravel-file-manager, Laravel File Manager | 2025-12-16 | 6.5 Medium |
| alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to create archives containing files and directories outside the intended scope due to improper path validation. | ||||
| CVE-2025-54307 | 1 Thermofisher | 2 Torrent Suite, Torrent Suite Software | 2025-12-16 | 8.8 High |
| An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The plupload_file_upload function handles these file uploads and constructs the destination file path by using either the name parameter or the uploaded filename, neither of which is properly sanitized. The file extension is extracted by splitting the filename, and a format string is used to construct the final file path, leaving the destination path vulnerable to path traversal. An authenticated attacker with network connectivity can write arbitrary files to the server, enabling remote code execution after overwriting an executable file. An example is the pdflatex executable, which is executed through subprocess.Popen in the write_report_pdf function after requests to a /report/latex/(\d+).pdf endpoint. | ||||
| CVE-2021-1435 | 1 Cisco | 1 Ios Xe | 2025-12-16 | 7.2 High |
| A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to the web UI of an affected device with arbitrary commands injected into a portion of the request. A successful exploit could allow the attacker to execute arbitrary commands as the root user. | ||||
| CVE-2023-22273 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2025-12-16 | 7.2 High |
| Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-53902 | 2025-12-16 | 6.5 Medium | ||
| WebsiteBaker 2.13.3 contains a directory traversal vulnerability that allows authenticated attackers to delete arbitrary files by manipulating directory path parameters. Attackers can send crafted GET requests to /admin/media/delete.php with directory traversal sequences to delete files outside the intended directory. | ||||
| CVE-2024-27976 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 8.8 High |
| A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2024-23535 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 8.8 High |
| A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2024-24999 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 8.8 High |
| A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2024-24997 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 8.8 High |
| A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2024-25000 | 1 Ivanti | 1 Avalanche | 2025-12-16 | 8.8 High |
| A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM. | ||||
| CVE-2025-65346 | 1 Alexusmai | 2 Laravel-file-manager, Laravel File Manager | 2025-12-16 | 9.1 Critical |
| alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths. | ||||
| CVE-2021-40444 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-16 | 8.8 High |
| <p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p> <p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p> <p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p> <p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p> | ||||
| CVE-2025-63414 | 2025-12-16 | 10.0 Critical | ||
| A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint with a malicious payload in the id parameter, an attacker can execute arbitrary commands on the underlying operating system, leading to full remote code execution (RCE). | ||||
| CVE-2025-61811 | 1 Adobe | 1 Coldfusion | 2025-12-16 | 9.1 Critical |
| ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. A high privileged attacker could leverage this vulnerability to bypass security measures and execute malicious code. Exploitation of this issue does not require user interaction and scope is changed. | ||||
| CVE-2025-58173 | 1 Freshrss | 1 Freshrss | 2025-12-16 | N/A |
| FreshRSS is a self-hosted RSS feed aggregator. In versions 1.23.0 through 1.27.0, using a path traversal inside the `language` user configuration parameter, it's possible to call `install.php` and perform various administrative actions as an unprivileged user. These actions include logging in as the admin, creating a new admin user, or set the database to an attacker-controlled MySQL server and abuse it to execute code in FreshRSS by setting malicious feed `curl_params` inside the `feed` table. Version 1.27.1 fixes the issue. | ||||
| CVE-2015-10136 | 2 Wordpress, Zishanj | 2 Wordpress, Gi-media-library | 2025-12-16 | 7.5 High |
| The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
| CVE-2024-58310 | 1 Apc | 1 Network Management Card | 2025-12-16 | N/A |
| APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path traversal characters in HTTP requests. | ||||
| CVE-2024-58312 | 1 Xbtitfm | 1 Xbtitfm | 2025-12-16 | N/A |
| xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like using encoded path traversal characters in HTTP requests. | ||||
| CVE-2025-6020 | 1 Redhat | 15 Cert Manager, Confidential Compute Attestation, Discovery and 12 more | 2025-12-16 | 7.8 High |
| A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. | ||||