Path Traversal Archives • Page 4 of 4 • Daily CyberSecurity

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available Python Tarfile, Path Traversal

Critical Python Tarfile Flaw (CVE-2025-4517, CVSS 9.4): Arbitrary File Write, PoC Available

Do Son June 23, 2025

A newly disclosed vulnerability in Python’s tarfile module—CVE-2025-4517—has exposed a critical security risk that allows attackers to...

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response ANPR Camera, Path Traversal

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response

Do Son June 22, 2025

Gjoko Krstic of Zero Science Lab has uncovered a critical path traversal vulnerability in Selea’s TARGA series...

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

Do Son June 21, 2025

Open-source collaboration platform Mattermost is exposed to a severe vulnerability that threatens the integrity of its deployments...

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE Mitel OpenScape, Path Traversal

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

Do Son June 14, 2025

A newly disclosed vulnerability in Mitel’s OpenScape Accounting Management platform has been assigned CVE-2025-23092 and rated High...

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution Ricoh Streamline NX, Remote Code Execution

Critical Ricoh Streamline NX Flaw (CVSS 9.8) Allows SYSTEM-Level Code Execution

Do Son June 13, 2025

Ricoh has issued three security advisories addressing multiple serious vulnerabilities in its Streamline NX V3 PC Client,...

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727) SimpleHelp RMM, Ransomware

Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)

Do Son June 13, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with its federal partners, has issued a high-priority...

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access Mitel MiCollab, Critical Vulnerability

Critical Path Traversal Vulnerability (CVSS 9.8) Exposes Mitel MiCollab Servers to Unauthorized Access

Do Son June 13, 2025

Mitel has issued a critical security advisory warning of a newly discovered path traversal vulnerability affecting its...

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination Path Traversal, LLM Vulnerabilities

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Do Son June 2, 2025

A study titled “Eradicating the Unseen” reveals the widespread presence of a critical path traversal vulnerability (CWE-22)...

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

MiContact Center Business Vulnerabilities Mitel vulnerability, OpenScape Xpressions

Unauthenticated Attacker Can Read Sensitive Files in Mitel OpenScape Xpressions

Do Son May 22, 2025

Mitel has issued a security advisory warning of a high-severity path traversal vulnerability (CVE-2025-48026) in its OpenScape...

Critical Remote Code Execution Flaw Hits Lexmark Printers

Do Son May 21, 2025

Lexmark has released a security advisory for a critical vulnerability—CVE-2025-1127—affecting a wide range of its printer models....

High-Risk Flaws in a-blog cms: CVE-2025-36560 Scores Critical 9.2 on CVSS Scale a-blog cms, CVE-2025-36560

High-Risk Flaws in a-blog cms: CVE-2025-36560 Scores Critical 9.2 on CVSS Scale

Do Son May 15, 2025

JPCERT/CC has issued a vulnerability note disclosing multiple security flaws in a-blog cms, a popular content management...

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update SonicWall Security Advisory SonicOS Patch 2026 CVE-2025-23006 SonicWall, SMA 100 Vulnerabilities

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update

Do Son May 8, 2025

SonicWall has released a security advisory detailing multiple vulnerabilities affecting its Secure Mobile Access (SMA) 100 series...

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks Quick Agent Vulnerability, Ricoh MFP Security

Critical Vulnerabilities in Quick Agent Software Expose Ricoh MFPs to Remote Attacks

Do Son April 29, 2025

The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has issued an alert regarding multiple critical vulnerabilities...

Two Critical RCE Flaws Expose Yi IOT Smart Cameras to Full Device Takeover Yi IOT vulnerabilities, remote command execution

Two Critical RCE Flaws Expose Yi IOT Smart Cameras to Full Device Takeover

Do Son April 23, 2025

Security researcher Yassine Damiri has uncovered two critical vulnerabilities in the Yi IOT XY-3820 smart camera, posing...

Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556) CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

CVE-2024-43707 Kibana vulnerability Prototype pollution CVE-2025-25014

Kibana Code Injection Vulnerability: Prototype Pollution Threat (CVE-2024-12556)

Do Son April 9, 2025

A newly disclosed vulnerability in Kibana, the popular open-source data visualization front-end for Elasticsearch, has been rated...

WordPress Issues Urgent Security Update to Patch Multiple Vulnerabilities WordPress vulnerabilities TheGem, WordPress Vulnerability

WordPress Issues Urgent Security Update to Patch Multiple Vulnerabilities

Do Son June 25, 2024

WordPress, the world’s leading content management system (CMS), has released a critical security update, “WordPress 6.5.5,” to...