Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-32415 | 2026-03-17 | N/A | 5.0 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal.This issue affects Squeeze: from n/a through <= 1.7.7. | |||||
| CVE-2026-26124 | 1 Microsoft | 1 Aci Confidential Containers | 2026-03-16 | N/A | 6.7 MEDIUM |
| '.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-59793 | 2026-03-11 | N/A | 9.9 CRITICAL | ||
| Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxis2Impl to authenticated users to be able to upload files. However, the application doesn't properly sanitize the jobDirectory parameter, which allows path traversal sequences to be included. This allows writing files to arbitrary local filesystem locations and may subsequently lead to remote code execution. | |||||
| CVE-2026-1763 | 2026-03-04 | N/A | 4.6 MEDIUM | ||
| Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions. | |||||
| CVE-2025-69325 | 2026-02-24 | N/A | 5.3 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in primersoftware Primer MyData for Woocommerce primer-mydata allows Path Traversal.This issue affects Primer MyData for Woocommerce: from n/a through <= 4.2.8. | |||||
| CVE-2025-47176 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-02-13 | N/A | 7.8 HIGH |
| '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | |||||
| CVE-2025-64676 | 1 Microsoft | 1 Purview | 2026-02-10 | N/A | 7.2 HIGH |
| '.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-58381 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 2.3 LOW |
| A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories. | |||||
| CVE-2025-58380 | 1 Broadcom | 1 Fabric Operating System | 2026-02-06 | N/A | 2.3 LOW |
| A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories. | |||||
| CVE-2025-49297 | 1 Qodeinteractive | 1 Grill And Chow | 2026-01-29 | N/A | 8.1 HIGH |
| Path Traversal vulnerability in Mikado-Themes Grill and Chow allows PHP Local File Inclusion. This issue affects Grill and Chow: from n/a through 1.6. | |||||
| CVE-2025-49296 | 1 Qodeinteractive | 1 Grandprix | 2026-01-29 | N/A | 8.1 HIGH |
| Path Traversal vulnerability in Mikado-Themes GrandPrix allows PHP Local File Inclusion. This issue affects GrandPrix: from n/a through 1.6. | |||||
| CVE-2025-49295 | 1 Qodeinteractive | 1 Mediclinic | 2026-01-29 | N/A | 8.1 HIGH |
| Path Traversal vulnerability in Mikado-Themes MediClinic allows PHP Local File Inclusion. This issue affects MediClinic: from n/a through 2.1. | |||||
| CVE-2025-39467 | 1 Qodeinteractive | 1 Wanderland | 2026-01-29 | N/A | 9.8 CRITICAL |
| Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through <= 1.7.1. | |||||
| CVE-2025-59099 | 2026-01-26 | N/A | N/A | ||
| The Access Manager is using the open source web server CompactWebServer written in C#. This web server is affected by a path traversal vulnerability, which allows an attacker to directly access files via simple GET requests without prior authentication. Hence, it is possible to retrieve all files stored on the file system, including the SQLite database Database.sq3, containing badge information and the corresponding PIN codes. Additionally, when trying to access certain files, the web server crashes and becomes unreachable for about 60 seconds. This can be abused to continuously send the request and cause denial of service. | |||||
| CVE-2024-54216 | 1 Reputeinfosystems | 1 Arforms | 2026-01-22 | N/A | 7.7 HIGH |
| Path Traversal: '.../...//' vulnerability in Repute InfoSystems ARForms allows Path Traversal.This issue affects ARForms: from n/a through 6.4.1. | |||||
| CVE-2025-67914 | 2026-01-20 | N/A | 7.5 HIGH | ||
| Path Traversal: '.../...//' vulnerability in beeteam368 VidMov vidmov allows Path Traversal.This issue affects VidMov: from n/a through <= 2.3.8. | |||||
| CVE-2025-64253 | 2026-01-20 | N/A | 4.9 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health-check allows Path Traversal.This issue affects Health Check & Troubleshooting: from n/a through <= 1.7.1. | |||||
| CVE-2025-58972 | 2026-01-20 | N/A | 7.2 HIGH | ||
| Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.10.4. | |||||
| CVE-2025-48090 | 2026-01-20 | N/A | 8.2 HIGH | ||
| Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka-wp allows PHP Local File Inclusion.This issue affects Blanka - One Page WordPress Theme: from n/a through < 1.5. | |||||
| CVE-2025-28973 | 2026-01-20 | N/A | 6.5 MEDIUM | ||
| Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0. | |||||