Total
8216 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-55523 | 1 Agent-zero | 1 Agent-zero | 2026-01-08 | N/A | 3.5 LOW |
| An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to execute a directory traversal. | |||||
| CVE-2025-53513 | 1 Canonical | 1 Juju | 2026-01-08 | N/A | 8.8 HIGH |
| The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller to upload a charm. Uploading a malicious charm that exploits a Zip Slip vulnerability could allow an attacker to gain access to a machine running a unit through the affected charm. | |||||
| CVE-2025-14413 | 1 Sodapdf | 1 Soda Pdf Desktop | 2026-01-07 | N/A | 7.8 HIGH |
| Soda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBZ files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27509. | |||||
| CVE-2024-11215 | 1 Easyphp | 1 Webserver | 2026-01-07 | N/A | 6.5 MEDIUM |
| Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only consecutive strings ā/...%5cā. | |||||
| CVE-2025-58173 | 1 Freshrss | 1 Freshrss | 2026-01-07 | N/A | 8.8 HIGH |
| FreshRSS is a self-hosted RSS feed aggregator. In versions 1.23.0 through 1.27.0, using a path traversal inside the `language` user configuration parameter, it's possible to call `install.php` and perform various administrative actions as an unprivileged user. These actions include logging in as the admin, creating a new admin user, or set the database to an attacker-controlled MySQL server and abuse it to execute code in FreshRSS by setting malicious feed `curl_params` inside the `feed` table. Version 1.27.1 fixes the issue. | |||||
| CVE-2025-66449 | 1 C4illin | 1 Convertx | 2026-01-07 | N/A | 8.8 HIGH |
| ConvertXis a self-hosted online file converter. In versions prior to 0.16.0, the endpoint `/upload` allows an authenticated user to write arbitrary files on the system, overwriting binaries and allowing code execution. The upload function takes `file.name` directly from user supplied data without doing any sanitization on the name thus allowing for arbitrary file write. This can be used to overwrite system binaries with ones provided from an attacker allowing full code execution. Version 0.16.0 contains a patch for the issue. | |||||
| CVE-2025-40898 | 1 Nozominetworks | 2 Cmc, Guardian | 2026-01-06 | N/A | 8.1 HIGH |
| A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary paths, altering the device configuration and/or affecting its availability. | |||||
| CVE-2025-65713 | 1 Home-assistant | 1 Home-assistant | 2026-01-06 | N/A | 4.0 MEDIUM |
| Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability. | |||||
| CVE-2025-66905 | 1 Takes | 1 Tkfiles | 2026-01-06 | N/A | 7.5 HIGH |
| The Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths before resolving them against the filesystem. A remote attacker can include ../ sequences in the request path to escape the configured base directory and read arbitrary files from the host system. | |||||
| CVE-2025-59380 | 1 Qnap | 2 Qts, Quts Hero | 2026-01-06 | N/A | 4.9 MEDIUM |
| A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later QuTS hero h5.2.8.3321 build 20251117 and later | |||||
| CVE-2025-59381 | 1 Qnap | 2 Qts, Quts Hero | 2026-01-06 | N/A | 4.9 MEDIUM |
| A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later QuTS hero h5.2.8.3321 build 20251117 and later | |||||
| CVE-2024-32465 | 3 Debian, Fedoraproject, Git-scm | 3 Debian Linux, Fedora, Git | 2026-01-05 | N/A | 7.3 HIGH |
| Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources. | |||||
| CVE-2025-14420 | 1 Pdfforge | 1 Pdf Architect | 2026-01-02 | N/A | 7.8 HIGH |
| pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of pdfforge PDF Architect. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBZ files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27514. | |||||
| CVE-2025-65815 | 1 Uniteddevelopers | 1 Document Reader\ | 2026-01-02 | N/A | 6.5 MEDIUM |
| A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal. | |||||
| CVE-2025-68916 | 1 Riello-ups | 1 Netman 208 | 2026-01-02 | N/A | 9.1 CRITICAL |
| Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory traversal for file upload with resultant code execution. | |||||
| CVE-2023-47467 | 1 Jeecg | 1 Jeecg Boot | 2026-01-02 | N/A | 6.5 MEDIUM |
| Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtain sensitive information via the file directory structure. | |||||
| CVE-2025-67442 | 1 Eve-ng | 1 Eve-ng | 2026-01-02 | N/A | 7.6 HIGH |
| EVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This interface lacks effective input validation and filtering when processing file path parameters submitted by users. | |||||
| CVE-2025-53594 | 2026-01-02 | N/A | N/A | ||
| A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinder Pro Mac 7.13.0 and later Qsync for Mac 5.1.5 and later QVPN Device Client for Mac 2.2.8 and later | |||||
| CVE-2025-68279 | 1 Weblate | 1 Weblate | 2026-01-02 | N/A | 7.7 HIGH |
| Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. Version 5.15.1 fixes the issue. | |||||
| CVE-2024-25183 | 1 Vvveb | 1 Vvvebjs | 2026-01-02 | N/A | 7.5 HIGH |
| givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php. | |||||