Threats Tagged 'cwe-23'

View all threats tagged with 'cwe-23'. Filter and sort to focus on specific types of threats.

CVE-2026-48569: CWE-20: Improper Input Validation in Microsoft Visual Studio Code

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

CVE-2024-43614: CWE-23: Relative Path Traversal in Microsoft Microsoft Defender for Endpoint for Linux

Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.

CVE-2026-47287: CWE-23: Relative Path Traversal in Microsoft Visual Studio Code

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.

CVE-2026-48681: CWE-23 Relative Path Traversal in OpenStack Ironic

OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.

CVE-2026-5422: CWE-23 Relative Path Traversal in jupyter jupyter/jupyter

CVE-2026-5422 is a path traversal vulnerability in jupyter-server version 2.17.0. It arises from an improper root directory boundary check in the _get_os_path() function, which uses a startswith check without a trailing path separator. This allows sibling directories with similar prefixes to bypass the check. Additionally, the to_os_path() function does not remove '..' path parts, enabling traversal sequences to circumvent protections. This can lead to unauthorized read/write access to files in sibling directories, risking exposure of sensitive data in shared hosting environments.

CVE-2026-10074: CWE-23 Relative path traversal in Interinfo DreamMaker

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing privileged local attackers to exploit Relative Path Traversal to download arbitrary system files.

CVE-2026-10073: CWE-23 Relative path traversal in Interinfo DreamMaker

DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files.

CVE-2026-8326: CWE-23 Relative path traversal in Remote Spark (https://www.remotespark.com/) SparkView

Path traversal vulnerability in Remote Spark (https://www.remotespark.com/) SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an unauthenticated attacker. This issue affects SparkView: before build 1127.

CVE-2025-41280: CWE-23 Relative Path Traversal in Waterfall WF-500

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is enabled.

CVE-2025-41271: CWE-23 Relative Path Traversal in Waterfall WF-500

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device.

Showing 1 to 10 of 105 results
