14 matches found
K000161278: Spring Cloud vulnerability CVE-2026-22739
Security Advisory Description Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible to access files outside of the configured search directories. This...
PT-2026-26021
CVE-2026-30345 A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via … https://t.co/FJ70VBbzI8...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...
EUVD-2025-25412
Malicious code in bioql PyPI...
CVE-2025-8023
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-8023 Path Traversal in Template Upload Allows Uploading Files Outside Target Directory
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
PT-2025-33079 · Unknown · Quickshare File Server
Name of the Vulnerable Software and Affected Versions: QuickShare File Server version 1.2.1 Description: QuickShare File Server version 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitization of user-supplied file paths. Authenticated users can exploit this fla...
GNU Tar security vulnerability
GNU Tar is a set of tools for creating tar-formatted files from the American GNU community. GNU Tar suffers from a directory traversal vulnerability that originates in a specially crafted TAR archive, which can be exploited by an attacker to access locations outside of restricted directories and...
CVE-2023-41793
Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through 776...
PT-2023-9498 · Unknown · Laquis Scada
Name of the Vulnerable Software and Affected Versions: LAquis SCADA affected versions not specified Description: The issue is related to the LAquis SCADA system, where an attacker can access locations outside of their own directory. This is due to incorrect restriction of the path name to a...
jenkins: FilePath#listFiles lists files outside directories with agent read access when following symbolic links.
An incorrect permissions validation vulnerability was found in Jenkins. FilePath#listFiles lists files outside directories with agent read access when following symbolic links. This may allow an attacker to get access to restricted data...
samba: Combination of parameters and permissions can allow user to escape from the share path definition
A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share...
GNOME file-roller path traversal vulnerability (CNVD-2020-22856)
GNOME file-roller is a compressed file manager for use on the GNOME desktop. A path traversal vulnerability exists in the fr-archive-libarchive.c file in GNOME file-roller 3.36.1 and earlier. The vulnerability stems from a failure of a networked system or product to properly filter for special...
Roxy Fileman Path Traversal Vulnerability (CNVD-2020-03726)
Roxy Fileman is a set of open source file browser for . A path traversal vulnerability exists in Roxy Fileman version 1.4.5 for . The vulnerability stems from a failure of a networked system or product to properly filter special elements in the path of a resource or file. An attacker could use th...