CWE-40
4 CVEs classified under CWE-40. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-32103 | Medium | 5.0 | 2025-04-15 | CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at… |
CVE-2023-29446 | Medium | 4.7 | 2024-01-10 | An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an… |
CVE-2026-27615 | | 2026-02-25 | ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determine… | |
CVE-2021-44548 | | 2021-12-23 | An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network cal… |