Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE vulnerabilities with CWE-59 (1,735)
10.0
CVSS
CRITICAL
CVE-2024-37143
pub. 2024-12-10
10.0
CVSS
CRITICAL
CVE-2024-28185
pub. 2024-04-18
10.0
CVSS
CRITICAL
CVE-2024-28189
pub. 2024-04-18
10.0
CVSS
CRITICAL
CVE-2022-22995
pub. 2022-03-25
10.0
CVSS
HIGH
CVE-2014-4480
pub. 2015-01-30
10.0
CVSS
HIGH
CVE-2002-2374
pub. 2002-12-31
9.9
CVSS
CRITICAL
CVE-2026-7374
pub. 2026-05-26
9.9
CVSS
CRITICAL
CVE-2023-6069
pub. 2023-11-10
9.9
CVSS
CRITICAL
CVE-2018-5225
pub. 2018-03-22
9.8
CVSS
CRITICAL
CVE-2025-43220
pub. 2025-07-30
9.8
CVSS
CRITICAL
CVE-2025-30457
pub. 2025-03-31
9.8
CVSS
CRITICAL
CVE-2024-6868
pub. 2024-10-29
9.8
CVSS
CRITICAL
CVE-2022-34960
pub. 2022-08-25
9.8
CVSS
CRITICAL
CVE-2022-26612
pub. 2022-04-07
9.8
CVSS
CRITICAL
CVE-2021-21691
pub. 2021-11-04
9.8
CVSS
CRITICAL
CVE-2020-27172
pub. 2020-12-28
9.8
CVSS
CRITICAL
CVE-2020-9670
pub. 2020-07-17
9.8
CVSS
CRITICAL
CVE-2020-9682
pub. 2020-07-17
9.8
CVSS
CRITICAL
CVE-2020-12265
pub. 2020-04-26
9.8
CVSS
CRITICAL
CVE-2019-7183
pub. 2019-12-05
Showing 20 of 1,735 vulnerabilities