弱点类型

CWE-23

归类于此弱点类型的所有CVE漏洞。

在MITRE CWE查看

总计CVE

严重

在KEV中

有漏洞利用

CVE-2025-23011

8.8HIGH

Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP

Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP...

1/23/2025CWE-23

CVE-2019-13408

7.5HIGH

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without an

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without an...

8/29/2019CWE-23, CWE-22 +1

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal

3/18/2024CWE-23, CWE-22

CWE-23

CVE-2025-23011

Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP

CVE-2019-13408

A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without an

CVE-2023-35816

DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.

CVE-2024-27770

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal