Total
338 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59244 | 1 Microsoft | 28 Windows, Windows 10, Windows 10 1507 and 25 more | 2026-01-02 | 6.5 Medium |
| External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59292 | 1 Microsoft | 2 Azure, Azure Compute Gallery | 2026-01-02 | 8.2 High |
| External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59291 | 1 Microsoft | 3 Azure, Azure Compute Gallery, Azure Container Instances | 2026-01-02 | 8.2 High |
| External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59200 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-01-02 | 7.7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. | ||||
| CVE-2025-59185 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-01-02 | 6.5 Medium |
| External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59511 | 1 Microsoft | 20 Windows, Windows 10, Windows 10 1809 and 17 more | 2026-01-02 | 7.8 High |
| External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-68478 | 1 Langflow | 1 Langflow | 2026-01-02 | 7.1 High |
| Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's `fs_path`, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths (e.g., /etc/poc.txt) are interpreted as is. Version 1.7.0 fixes the issue. | ||||
| CVE-2025-67461 | 2 Apple, Zoom | 3 Macos, Rooms, Zoom | 2025-12-30 | 5 Medium |
| External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access. | ||||
| CVE-2025-12654 | 2 Wordpress, Wpvividplugins | 2 Wordpress, Migration Backup Staging Wpvivd Backup And Migration | 2025-12-23 | 2.7 Low |
| The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory creation in all versions up to, and including, 0.9.120. This is due to the check_filesystem_permissions() function not properly restricting the directories that can be created, or in what location. This makes it possible for authenticated attackers, with Administrator-level access and above, to create arbitrary directories. | ||||
| CVE-2025-55316 | 1 Microsoft | 2 Azure, Azure Connected Machine Agent | 2025-12-23 | 7.8 High |
| External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-1686 | 1 Pebbletemplates | 1 Pebble | 2025-12-21 | 6.8 Medium |
| All versions of the package io.pebbletemplates:pebble are vulnerable to External Control of File Name or Path via the include tag. A high privileged attacker can access sensitive local files by crafting malicious notification templates that leverage this tag to include files like /etc/passwd or /proc/1/environ. Workaround This vulnerability can be mitigated by disabling the include macro in Pebble Templates: java new PebbleEngine.Builder() .registerExtensionCustomizer(new DisallowExtensionCustomizerBuilder() .disallowedTokenParserTags(List.of("include")) .build()) .build(); | ||||
| CVE-2025-68155 | 1 Vitejs | 1 Plugin-rsc | 2025-12-18 | 7.5 High |
| @vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the `/__vite_rsc_findSourceMapURL` endpoint in `@vitejs/plugin-rsc` allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sending a crafted HTTP request with a `file://` URL in the `filename` query parameter. Version 0.5.8 fixes the issue. | ||||
| CVE-2025-21377 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 6.5 Medium |
| NTLM Hash Disclosure Spoofing Vulnerability | ||||
| CVE-2025-24054 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-17 | 6.5 Medium |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-24996 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-17 | 6.5 Medium |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-65473 | 1 Easyimages2.0 Project | 1 Easyimages2.0 | 2025-12-15 | 9.1 Critical |
| An arbitrary file rename vulnerability in the /admin/filer.php component of EasyImages 2.0 v2.8.6 and below allows attackers with Administrator privileges to execute arbitrary code via injecting a crafted payload into an uploaded file name. | ||||
| CVE-2025-13320 | 2 Wordpress, Wpusermanager | 2 Wordpress, Wp User Manager | 2025-12-12 | 6.8 Medium |
| The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filter_input() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server via the 'current_user_avatar' parameter in a two-stage attack which can make remote code execution possible. This only affects sites with the custom avatar setting enabled. | ||||
| CVE-2024-38049 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-09 | 6.6 Medium |
| Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | ||||
| CVE-2025-65799 | 1 Usememos | 1 Memos | 2025-12-09 | 4.3 Medium |
| A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal. | ||||
| CVE-2020-36878 | 1 Request | 1 Serious Play | 2025-12-08 | N/A |
| ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources. | ||||