147 matches found
CVE-2022-28147
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-36918
Jenkins Buckminster Plugin 1.1.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-36908
A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an...
CVE-2025-48050
In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory. NOTE: the Supplier disputes the significance of this report because the "Uncontrolled data used in path expression" occurs "in a development helper script...
CLSA-2025-1745272309 ghostscript: Fix of 2 CVEs
CVE-2024-33869: fix path traversal and command execution vulnerability in base/gpmisc.c - CVE-2024-33870: fix path traversal vulnerability to prevent unauthorized access to arbitrary files by restricting access to permitted paths...
CVE-2025-31554
Docxpresso (WordPress plugin) CVE-2025-31554: Path traversal allows arbitrary file download in Docxpresso versions up to 2.6. Root cause is improper pathname limitation. Exploitation status not detailed in provided docs; Patch status is Unpatched as of the Connected Wordfence listing. Affected: D...
PT-2025-6427 · WordPress · Aforms Eats
Name of the Vulnerable Software and Affected Versions: AForms Eats plugin for WordPress versions up to, and including, 1.3.1 Description: The issue is related to Full Path Disclosure, which occurs due to the /vendor/aura/payload-interface/phpunit.php file being publicly accessible and displaying...
CVE-2024-52012 Apache Solr: Configset upload on Windows allows arbitrary path write-access
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...
CVE-2024-52012 Apache Solr: Configset upload on Windows allows arbitrary path write-access
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...
Gradio 授权问题漏洞
Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. An authorization issue vulnerability exists in Gradio versions prior to 5.6.0 that stems from a lack of normalization of the path validation logic...
GO-2024-3293 Full access to the host's OS file system using osfs.FS with Router.Static in goyave.dev/goyave/v5
Static file serving using router.Static and osfs.FS allows clients to access any file on the host file system using relative paths because the requested path is not sanitized and . and .. segments are accepted. The files will be returned as a response, provided the system user running the Go...
OESA-2024-2546 haproxy security update
HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Security Fixes: Inconsistent...
SAMSUNG mobile 安全漏洞
SAMSUNG mobile is a cell phone from Samsung South Korea. A security vulnerability exists in SAMSUNG mobile prior to SMR-Dec-2024 Release 1, which originates from the use of an alternate path to bypass authentication and allow a physical attacker to temporarily access the recent applications list...
SUSE CVE-2024-53008
Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...
CVE-2024-34245
An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtmljsaction.php...
Logpoint 安全漏洞
Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.4.0 that stems from the ability to view the contents of a specified file in incoming logs when an arbitrary file path is used in the file system collector...
AutomationDirect C-MORE EA9 HMI 路径遍历漏洞
The AutomationDirect C-MORE EA9 HMI is a touchscreen from AutomationDirect, Inc. A path traversal vulnerability exists in the AutomationDirect C-MORE EA9 HMI that stems from not properly cleaning up content, allowing an attacker to perform path traversal over a URL...
UBUNTU-CVE-2024-21890
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/. This misleading documentation affects all users...
FreeBSD Security Vulnerabilities
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that originates from not restricting an add-in's access to , allowing the add-in to read any file that the host user is authorized to access...
PT-2024-1817 · Freebsd · Bhyveload +1
Name of the Vulnerable Software and Affected Versions: bhyveload versions prior to the fixed version Description: The issue is related to the bhyveload module in FreeBSD, which is associated with incorrect restriction of the host-path directory name with limited access. This could allow a remote...