Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-23 Clear
ID Title
CVE-2026-58522 Vulnerability in path-traversal (CVE-2026-58522)
vulnerability in path-traversal (CVE-2026-58522). Confidential information can be exposed externally.
CVE-2026-57988 Vulnerability in path-traversal (CVE-2026-57988)
vulnerability in path-traversal (CVE-2026-57988). Data can be tampered with by attackers.
CVE-2026-45188 Vulnerability in apache (CVE-2026-45188)
vulnerability in apache (CVE-2026-45188). Risk of unauthorized operations or information disclosure.
CVE-2026-48569 Vulnerability in microsoft (CVE-2026-48569)
vulnerability in microsoft (CVE-2026-48569). Confidential information can be exposed externally.
CVE-2026-47287 Vulnerability in path-traversal (CVE-2026-47287)
vulnerability in path-traversal (CVE-2026-47287). Data can be tampered with by attackers.
CVE-2026-5422 Vulnerability in path-traversal (CVE-2026-5422)
vulnerability in path-traversal (CVE-2026-5422). Confidential information can be exposed externally.
CVE-2025-48977 Vulnerability in org.apache.ignite:ignite-core (CVE-2025-48977)
vulnerability in org.apache.ignite:ignite-core (CVE-2025-48977). Confidential information can be exposed externally. Mitigation: upgrade to `2.18.0` or later.
CVE-2026-8134 Vulnerability in concrete5/concrete5 (CVE-2026-8134)
vulnerability in concrete5/concrete5 (CVE-2026-8134). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.5.1` or later.
CVE-2026-8073 Vulnerability in wordpress (CVE-2026-8073)
vulnerability in wordpress (CVE-2026-8073). Confidential information can be exposed externally.
CVE-2026-41612 Path Traversal in path-traversal (CVE-2026-41612)
path traversal in path-traversal (CVE-2026-41612). Confidential information can be exposed externally.
CVE-2026-8209 Vulnerability in path-traversal (CVE-2026-8209)
vulnerability in path-traversal (CVE-2026-8209). Risk of unauthorized operations or information disclosure.
CVE-2026-5966 Vulnerability in path-traversal (CVE-2026-5966)
vulnerability in path-traversal (CVE-2026-5966). Data can be tampered with by attackers.
CVE-2024-27199 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27199)
vulnerability in Jetbrains teamcity (CVE-2024-27199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66737 Vulnerability in path-traversal (CVE-2025-66737)
vulnerability in path-traversal (CVE-2025-66737). Risk of unauthorized operations or information disclosure.
CVE-2025-64446 KEV [KEV] Vulnerability in Fortinet fortiweb (CVE-2025-64446)
vulnerability in Fortinet fortiweb (CVE-2025-64446). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2023-42456 Path Traversal in sudo-rs (CVE-2023-42456)
path traversal in sudo-rs (CVE-2023-42456). Risk of unauthorized operations or information disclosure. Exploitable via ``useradd``. Mitigation: upgrade to `0.2.1` or later.
CVE-2023-23391 Office for Android Spoofing Vulnerability
Office for Android Spoofing Vulnerability
CVE-2022-37042 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-38163 KEV [KEV] Vulnerability in Sap netweaver (CVE-2021-38163)
vulnerability in Sap netweaver (CVE-2021-38163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-5410 KEV [KEV] Vulnerability in Vmware tanzu vmware-tanzu (CVE-2020-5410)
vulnerability in Vmware tanzu vmware-tanzu (CVE-2020-5410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22017 KEV [KEV] Vulnerability in Vmware vcenter-server (CVE-2021-22017)
vulnerability in Vmware vcenter-server (CVE-2021-22017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-21972 KEV [KEV] Vulnerability in Vmware vcenter-server (CVE-2021-21972)
vulnerability in Vmware vcenter-server (CVE-2021-21972). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22005 KEV [KEV] Vulnerability in Vmware vcenter-server (CVE-2021-22005)
vulnerability in Vmware vcenter-server (CVE-2021-22005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →