Filtered by CWE-22
Total 7713 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-10933 1 Openbsd 1 Openbsd 2025-09-23 5 Medium
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.
CVE-2024-37043 1 Qnap 2 Qts, Quts Hero 2025-09-23 4.9 Medium
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2025-10777 1 Jsc 1 R7-office 2025-09-22 6.3 Medium
A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to address this issue. The affected component should be upgraded. R7-Office is a fork of OpenOffice and at the moment it remains unclear if OpenOffice is affected as well. The OpenOffice team was not able to reproduce the issue in their codebase. The vendor replied: "We confirm that this vulnerability has been verified and patched in release 2025.3.1.923. During our security testing, it was not possible to exploit the issue - the server consistently returns proper error responses to the provided scenarios."
CVE-2025-10766 1 Zkeacms 1 Zkeacms 2025-09-22 4.3 Medium
A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-57644 1 Accela 1 Automation Platform 2025-09-22 9.1 Critical
Accela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative user can execute arbitrary Java code on the server, resulting in remote code execution. In addition, improper input validation allows for arbitrary file write and server-side request forgery (SSRF), enabling interaction with internal or external systems. Successful exploitation can lead to full server compromise, unauthorized access to sensitive data, and further network exploitation.
CVE-2025-29592 1 Aaluoxiang 1 Oasys 2025-09-22 5.6 Medium
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVE-2024-55459 1 Keras 1 Keras 2025-09-22 6.5 Medium
An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.
CVE-2025-33032 1 Qnap 2 Qts, Quts Hero 2025-09-22 4.9 Medium
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later
CVE-2025-30270 1 Qnap 2 Qts, Quts Hero 2025-09-22 6.5 Medium
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later
CVE-2025-30271 1 Qnap 2 Qts, Quts Hero 2025-09-22 6.5 Medium
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later
CVE-2024-49359 2 Icewhaletech, Zimaspace 2 Zimaos, Zimaos 2025-09-22 7.5 High
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http://<Zima_Server_IP:PORT>/v2_1/file` in ZimaOS is vulnerable to a directory traversal attack, allowing authenticated users to list the contents of any directory on the server. By manipulating the path parameter, attackers can access sensitive system directories such as `/etc`, potentially exposing critical configuration files and increasing the risk of further attacks. As of time of publication, no known patched versions are available.
CVE-2025-10468 1 Beyaz Computer 1 Cityplus 2025-09-22 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beyaz Computer CityPlus allows Path Traversal.This issue affects CityPlus: before 24.29375.
CVE-2023-47221 1 Qnap 1 Photo Station 2025-09-20 5.5 Medium
A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later
CVE-2025-33038 1 Qnap 1 Qsync Central 2025-09-19 6.5 Medium
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
CVE-2025-33037 1 Qnap 1 Qsync Central 2025-09-19 6.5 Medium
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
CVE-2025-33036 1 Qnap 1 Qsync Central 2025-09-19 6.5 Medium
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
CVE-2025-33033 1 Qnap 1 Qsync Central 2025-09-19 6.5 Medium
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
CVE-2012-10054 1 Umbraco 1 Umbraco Cms 2025-09-19 9.8 Critical
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely.
CVE-2025-58755 1 Monai 2 Medical Open Network For Ai, Monai 2025-09-19 8.8 High
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function `zip_file.extractall(output_dir)` is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious content is decompressed, it overwrites the system files. In addition, the project allows the download of the zip content through the link, which increases the scope of exploitation of this vulnerability. As of time of publication, no known fixed versions are available.
CVE-2025-23343 1 Nvidia 1 Nvdebug 2025-09-18 7.6 High
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability may lead to information disclosure, denial of service, and data tampering.