CWE-36: CWE-36

This vulnerability in pfSense CE 2.8.0 allows users with the 'WebCfg - Diagnostics: Command' privilege to read arbitrary files through directory trave...

This vulnerability in KDE ark archive utility allows extraction of archive files to arbitrary absolute paths on the filesystem. Attackers can overwrit...

Vitals ESP software from Galaxy Software Services contains an absolute path traversal vulnerability that allows authenticated remote attackers with el...

The atec Debug WordPress plugin contains an arbitrary file read vulnerability that allows authenticated attackers with Administrator privileges to rea...

The Security Ninja WordPress plugin contains an arbitrary file read vulnerability in all versions up to 5.242. Authenticated attackers with Administra...

This CVE describes an absolute path traversal vulnerability in Windows Shell that allows an attacker with physical access to perform spoofing attacks....

MJML versions through 4.18.0 contain a directory traversal vulnerability in the mj-include component, allowing attackers to test for file existence an...

QOCA aim AI Medical Cloud Platform has an absolute path traversal vulnerability that allows authenticated remote attackers to read folder names under ...

CVE-2025-15237 is an absolute path traversal vulnerability in QOCA aim AI Medical Cloud Platform that allows authenticated remote attackers to read fo...

Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, allowing attackers to determine if arbitrary files exist on the system. This ...