ReportizFlow
Filtered by vendor
Subscriptions
Total
8950 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21693 | 1 Onionshare | 1 Onionshare | 2026-04-03 | 6.3 Medium |
| OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the context of the Onionshare process can access sensitive files in the entire user home folder. This could lead to the leaking of sensitive data. Due to the automatic exclusion of hidden folders, the impact is reduced. This can be mitigated by usage of the flatpak release. | ||||
| CVE-2025-69874 | 1 Unjs | 1 Nanotar | 2026-04-03 | 9.8 Critical |
| nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence. | ||||
| CVE-2026-33528 | 2 Godoxy, Yusing | 2 Godoxy, Godoxy | 2026-04-03 | 6.5 Medium |
| GoDoxy is a reverse proxy and container orchestrator for self-hosters. Prior to version 0.27.5, the file content API endpoint at `/api/v1/file/content` is vulnerable to path traversal. The `filename` query parameter is passed directly to `path.Join(common.ConfigBasePath, filename)` where `ConfigBasePath = "config"` (a relative path). No sanitization or validation is applied beyond checking that the field is non-empty (`binding:"required"`). An authenticated attacker can use `../` sequences to read or write files outside the intended `config/` directory, including TLS private keys, OAuth refresh tokens, and any file accessible to the container's UID. Version 0.27.5 fixes the issue. | ||||
| CVE-2026-33529 | 2 Tobychui, Zoraxy | 2 Zoraxy, Zoraxy | 2026-04-03 | 3.3 Low |
| Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE by creating a plugin. Version 3.3.2 patches the issue. | ||||
| CVE-2026-29871 | 2 Shubhamsaboo, Theunwindai | 2 Awesome-llm-apps, Awesome Llm Apps | 2026-04-03 | 7.5 High |
| A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19) in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcast_router.py, in function stream_audio. The stream-audio endpoint accepts a user-controlled path parameter that is concatenated into a filesystem path without proper validation or restriction. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary files from the server filesystem, potentially disclosing sensitive information such as configuration files and credentials. | ||||
| CVE-2026-34070 | 2 Langchain, Langchain-ai | 2 Langchain, Langchain | 2026-04-03 | 7.5 High |
| LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to load_prompt() or load_prompt_from_config(), an attacker can read arbitrary files on the host filesystem, constrained only by file-extension checks (.txt for templates, .json/.yaml for examples). This issue has been patched in version 1.2.22. | ||||
| CVE-2026-27101 | 1 Dell | 1 Secure Connect Gateway | 2026-04-03 | 4.7 Medium |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28.00.xx to 5.32.00.xx, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this vulnerability, leading to remote execution. | ||||
| CVE-2026-28265 | 1 Dell | 14 Powerstore, Powerstore 1000t, Powerstore 1200t and 11 more | 2026-04-03 | 4.4 Medium |
| PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | ||||
| CVE-2026-29870 | 1 Kayba-ai | 1 Agentic-context-engine | 2026-04-03 | 7.6 High |
| A directory traversal vulnerability in the agentic-context-engine project versions up to 0.7.1 allows arbitrary file writes via the checkpoint_dir parameter in OfflineACE.run. The save_to_file method in ace/skillbook.py fails to normalize or validate filesystem paths, allowing traversal sequences to escape the intended checkpoint directory. This vulnerability allows attackers to overwrite arbitrary files accessible to the application process, potentially leading to application corruption, privilege escalation, or code execution depending on the deployment context. | ||||
| CVE-2026-30940 | 2 Basercms, Baserproject | 2 Basercms, Basercms | 2026-04-03 | 7.2 High |
| baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file management API (/baser/api/admin/bc-theme-file/theme_files/add.json) that allows arbitrary file write. An authenticated administrator can include ../ sequences in the path parameter to create a PHP file in an arbitrary directory outside the theme directory, which may result in remote code execution (RCE). This issue has been patched in version 5.2.3. | ||||
| CVE-2026-30403 | 2 Tianshiyeben, Wgstart | 2 Wgcloud, Wgcloud | 2026-04-02 | 7.5 High |
| There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read any file on the victim's server. | ||||
| CVE-2024-54535 | 1 Apple | 4 Ipados, Iphone Os, Visionos and 1 more | 2026-04-02 | 4 Medium |
| A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, visionOS 2.1, watchOS 11.1. An attacker with access to calendar data could also read reminders. | ||||
| CVE-2024-54520 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files. | ||||
| CVE-2024-54489 | 1 Apple | 1 Macos | 2026-04-02 | 5.3 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Running a mount command may unexpectedly execute arbitrary code. | ||||
| CVE-2024-44255 | 1 Apple | 8 Ipados, Iphone Os, Mac Os and 5 more | 2026-04-02 | 8.4 High |
| A path handling issue was addressed with improved logic. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A malicious app may be able to run arbitrary shortcuts without user consent. | ||||
| CVE-2024-44190 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to read arbitrary files. | ||||
| CVE-2024-44167 | 2 Apple, Mercurycom | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-02 | 8.1 High |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files. | ||||
| CVE-2024-27887 | 1 Apple | 1 Macos | 2026-04-02 | 6.2 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | ||||
| CVE-2024-27871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-02 | 5.5 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data. | ||||
| CVE-2024-27827 | 1 Apple | 1 Macos | 2026-04-02 | 6.2 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to read arbitrary files. | ||||