CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

320 matches found

CNNVD•added 2026/02/17 12:0 a.m.•4 views

Blossom 路径遍历漏洞

Blossom is a project management platform developed by Blossom Inc. Versions of Blossom prior to 1.17.1 contained a path traversal vulnerability. This vulnerability stemmed from improper path handling in the file upload component, which could lead to path traversal attacks...

8.8CVSS6.6AI score0.00055EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 12:35 p.m.•6 views

CVE-2023-45382

In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...

7.5CVSS6.7AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:36 a.m.•8 views

CVE-2021-41449

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet...

7.1CVSS7.2AI score0.01438EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:58 a.m.•4 views

CVE-2025-23092

Mitel OpenScape Accounting Management through V5 R1.1.0 could allow an authenticated attacker with administrative privileges to conduct a path traversal attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to upload arbitrary files and execute...

7.2CVSS7.3AI score0.00814EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:52 a.m.•5 views

CVE-2022-42188

In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server...

7.5CVSS6.7AI score0.00419EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:35 a.m.•8 views

CVE-2024-34033

Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten...

8.8CVSS6.7AI score0.00203EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:17 a.m.•9 views

CVE-2025-1228

A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1=LOGMonitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal...

5.3CVSS6.9AI score0.00277EPSS

Exploits0References1

CNNVD•added 2025/11/24 12:0 a.m.•2 views

Fluent Bit 安全漏洞

Fluent Bit is an open source log processing and analysis system written in C by Fluent Open Source. A security vulnerability exists in Fluent Bit that stems from not properly cleaning up tagged values, which could lead to a path traversal attack that allows files to be written to unintended...

5.3CVSS6.8AI score0.00102EPSS

Exploits0References2