Directory Traversal

Overview SharpCompress is a compression library for NET Standard 2.0/2.1/NET 5.0 that can unrar, decompress 7zip, decompress xz, zip/unzip, tar/untar lzip/unlzip, bzip2/unbzip2 and gzip/ungzip with forward-only reading and file random access APIs. Affected versions of this package are vulnerable ...

EUVD-2023-32867

Malicious code in bioql PyPI...

EUVD-2022-45415

Malicious code in bioql PyPI...

CVE-2025-49545

Adobe ColdFusion is affected by CVE-2025-49545 (SSRF leading to arbitrary file system read) in versions 2025.2, 2023.14, 2021.20 and earlier. A high-privilege authenticated attacker can force the application to make arbitrary requests by URL injection; exploitation requires no user interaction an...

CVE-2020-9682

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...

CVE-2020-3763

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write...

CVE-2025-43566

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. A high-privileged attacker could leverage this vulnerability to bypass security...

CVE-2025-43564

Adobe ColdFusion (versions 2025.1, 2023.13, 2021.19 and earlier) is affected by an Improper Access Control vulnerability that can allow arbitrary file system read. The issue stems from improper access restrictions and could let a high-privileged attacker access or modify sensitive data without au...

CVE-2025-43564 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization...

CVE-2025-43563

CVE-2025-43563 affects Adobe ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier. It is an Improper Access Control vulnerability that could enable an attacker with high privileges to perform an arbitrary file system read, potentially accessing or modifying sensitive data. Exploitation requir...

CVE-2025-43563 ColdFusion | Improper Access Control (CWE-284)

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization...

PT-2025-21123 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier Description: The issue is related to an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or...

Adobe ColdFusion Improper Input Validation Vulnerability

Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion suffers from an improper input validation vulnerability that can be exploited by an...

CVE-2025-30281

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this...

CVE-2025-30281

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitati...

CVE-2025-30281 ColdFusion | Improper Access Control (CWE-284)

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitati...

CVE-2025-30281 ColdFusion | Improper Access Control (CWE-284)

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitati...

CVE-2025-30281

CVE-2025-30281 affects Adobe ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier. The vulnerability is an Improper Access Control that could allow a high-privilege, remote attacker to access or modify sensitive data and potentially execute arbitrary code without user interaction. The issue’s...

CVE-2024-11343

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 2025.1.205, unzipping an archive can lead to arbitrary file system access...

Adobe Creative Cloud < 5.2 Multiple Vulnerabilities (APSB20-33)

The version of Adobe Creative Cloud installed on the remote Windows host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-33 advisory. - Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability...