2184 matches found
PT-2025-35278
Name of the Vulnerable Software and Affected Versions: QNAP versions prior to QTS 5.2.5.3145 build 20250526 QNAP versions prior to QuTS hero h5.2.5.3138 build 20250519 Description: A path traversal vulnerability exists in QNAP operating systems. A remote attacker who has obtained a user account c...
PT-2025-35242
Name of the Vulnerable Software and Affected Versions: Diebold Nixdorf Vynamic Security Suite versions through 4.3.0 SR06 Description: The software contains functionality that allows the removal of critical system files before the filesystem is properly mounted, such as using a delete call in...
CVE-2025-20295
CVE-2025-20295 affects Cisco UCS Manager Software (CLI) where an authenticated local attacker with administrative privileges can read, create, or overwrite files on the device’s underlying OS due to insufficient input validation of command arguments. The root cause is input validation failure in ...
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...
PT-2025-34892 · Cisco · Cisco Ucs Manager
Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software affected versions not specified Description: A vulnerability in the Cisco UCS Manager Software Command Line Interface CLI may allow an authenticated, local attacker with administrative privileges to read, create, or...
CVE-2025-35112
CVE-2025-35112 describes an XML External Entities path-traversal vulnerability in Agiloft Release 28, exploitable via any table that allows import/export. An authenticated attacker can import a template file and traverse local system files. The issue is caused by improper handling of XML entities...
CVE-2025-35112 Agiloft XML external entity local path traversal
Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31...
CVE-2025-9259
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9256
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9258
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9258
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9259
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9258 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2025-9257
CVE-2025-9257 involves WebITR by Uniong, which is vulnerable to an Arbitrary File Reading via Absolute Path Traversal . The issue affects the WebITR component and allows a remote attacker with regular privileges to perform a path traversal over the network to download arbitrary system files. The ...
CVE-2025-9256
CVE-2025-9256 affects WebITR (Uniong). An Arbitrary File Reading via Absolute Path Traversal allows remote attackers with regular privileges to download arbitrary system files. Exploitation vectors are network-based with low complexity per CVSS data; impact is high confidentiality. The provided d...
CVE-2025-9256 Uniong|WebITR - Arbitrary File Reading through Path Traversal
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...