| 2025-01-15 | CVE-2024-54535 | Path Traversal vulnerability in Apple products
A path handling issue was addressed with improved logic. | 4.3 |
| 2025-01-14 | CVE-2024-13179 | Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2025-01-14 | CVE-2024-13180 | Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. | 7.5 |
| 2025-01-14 | CVE-2024-13181 | Path Traversal vulnerability in Ivanti Avalanche
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
| 2025-01-14 | CVE-2024-39786 | Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. network low complexity CWE-22 critical | 9.1 |
| 2025-01-14 | CVE-2024-39787 | Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. network low complexity CWE-22 critical | 9.1 |
| 2025-01-14 | CVE-2024-33502 | Path Traversal vulnerability in Fortinet Fortianalyzer and Fortimanager
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPs requests. | 7.2 |
| 2025-01-09 | CVE-2024-11642 | The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.4.12 via the 'locate_template' function. network low complexity CWE-22 critical | 9.8 |
| 2025-01-08 | CVE-2024-9939 | The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfu_file_downloader.php. | 7.5 |
| 2025-01-08 | CVE-2024-10585 | The InfiniteWP Client plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.13.0 via the 'historyID' parameter of the ~/debug-chart/index.php file. | 5.3 |