Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-12 | CVE-2024-12482 | Path Traversal vulnerability in Cjbi Wetech-Cms 1.0/1.1/1.2 A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. | 4.3 |
2024-12-10 | CVE-2024-45709 | SolarWinds Web Help Desk was susceptible to a local file read vulnerability. | 5.3 |
2024-11-27 | CVE-2024-11667 | Path Traversal vulnerability in Zyxel ZLD A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL. | 9.8 |
2024-11-27 | CVE-2024-53676 | Path Traversal vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545 A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. | 9.8 |
2024-11-18 | CVE-2020-26071 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. | 8.4 |
2024-11-18 | CVE-2024-41971 | A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss. | 8.1 |
2024-11-15 | CVE-2024-44625 | Path Traversal vulnerability in Gogs Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | 8.8 |
2024-11-15 | CVE-2024-41784 | Path Traversal vulnerability in IBM Sterling Secure Proxy IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. | 7.5 |
2024-11-13 | CVE-2024-48510 | Path Traversal vulnerability in Dotnetzip.Semverd Project Dotnetzip.Semverd 1.11.0 Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | 9.8 |
2024-11-12 | CVE-2024-50322 | Path Traversal vulnerability in Ivanti Endpoint Manager Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a local unauthenticated attacker to achieve code execution. | 7.8 |