Weaknesses of type CWE-36

127 results

CVE-2024-33620HIGHAbsolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the fEPSS 0.7%CVE-2024-20379MEDIUMA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower ManagemeEPSS 0.6%CVE-2025-8009MEDIUMSecurity Ninja – Secure Firewall & Secure Malware Scanner - 5.201 - 5.242 - Authenticated (Administrator+) Arbitrary File ReadEPSS 0.6%CVE-2026-1330HIGHHAMASTAR Technology｜MeetingHub - Arbitrary File ReadEPSS 0.6%CVE-2024-10651MEDIUMCHANGING Information Technology IDExpert - Arbitrary File Read through Path TraversalEPSS 0.6%CVE-2026-10044HIGHai-goofish-monitor Unauthenticated Arbitrary File Read via GET /api/prompts/EPSS 0.6%CVE-2024-7323MEDIUMDigiwin EasyFlow .NET - Arbitrary File DownloadEPSS 0.6%CVE-2024-8778MEDIUMThe SYSCOM Group OMFLOW - Arbitrary File ReadEPSS 0.6%CVE-2023-50955LOWIBM InfoSphere Information Server information disclosureEPSS 0.6%CVE-2024-8497HIGHFranklin Fueling Systems TS-550 EVO Absolute Path TraversalEPSS 0.6%CVE-2024-28806HIGHAn issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers can upload files at an arbitrary path.EPSS 0.6%CVE-2025-8909HIGHWellChoose｜Organization Portal System - Arbitrary File Reading through Path TraversalEPSS 0.6%CVE-2026-1018HIGHGotac｜Police Statistics Database System - Arbitrary File ReadEPSS 0.6%CVE-2025-7846HIGHWordPress User Extra Fields <= 16.7 - Authenticated (Subscriber+) Arbitrary File Deletion via save_fields FunctionEPSS 0.6%CVE-2025-5927HIGHEverest Forms (Pro) <= 1.9.4 - Unauthenticated Path Traversal to Arbitrary File DeletionEPSS 0.6%CVE-2024-45290HIGHPath traversal and Server-Side Request Forgery when opening XLSX files in PHPSpreadsheetEPSS 0.6%CVE-2023-1176MEDIUMAbsolute Path Traversal in mlflow/mlflowEPSS 0.6%CVE-2026-44029MEDIUMAn issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-fiEPSS 0.6%CVE-2023-5390MEDIUMAn attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC andEPSS 0.6%CVE-2026-49290HIGHSlopsmith has path traversal in archive extractors that allows arbitrary file write → potential RCEEPSS 0.6%

← previouspage 4 / 7next →