| 2024-11-10 | CVE-2024-46954 | Path Traversal vulnerability in Artifex Ghostscript
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. | 7.8 |
| 2024-11-09 | CVE-2024-10470 | The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. network low complexity CWE-22 critical | 9.8 |
| 2024-11-09 | CVE-2024-10625 | The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. network low complexity CWE-22 critical | 9.8 |
| 2024-11-09 | CVE-2024-10626 | The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up to, and including, 17.7. | 8.8 |
| 2024-11-05 | CVE-2024-47253 | Path Traversal vulnerability in 2N Access Commander
In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbitrary remote code execution. | 7.2 |
| 2024-11-04 | CVE-2024-51582 | Path Traversal vulnerability in Thimpress WP Hotel Booking
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through 2.1.4. | 8.8 |
| 2024-10-30 | CVE-2024-10005 | Path Traversal vulnerability in Hashicorp Consul
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules. | 5.8 |
| 2024-10-29 | CVE-2024-5982 | Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. | 9.8 |
| 2024-10-29 | CVE-2024-7774 | Path Traversal vulnerability in Langchain 0.2.5
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. | 9.1 |
| 2024-10-29 | CVE-2024-7962 | Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt 20240628
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. | 7.5 |