Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2024-03-01 CVE-2024-2045 Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent.
local
high complexity
CWE-22
4.4
2024-02-21 CVE-2024-1708 Path Traversal vulnerability in Connectwise Screenconnect 23.8.4/23.8.5
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
network
low complexity
connectwise CWE-22
8.4
2024-02-15 CVE-2024-23476 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds CWE-22
critical
9.6
2024-02-15 CVE-2024-23477 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds CWE-22
critical
9.6
2024-02-15 CVE-2024-23479 Path Traversal vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability.
low complexity
solarwinds CWE-22
critical
9.6
2024-02-15 CVE-2024-26261 The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File Read and Delete vulnerability.
network
low complexity
CWE-22
critical
9.8
2024-02-12 CVE-2024-22226 Path Traversal vulnerability in Dell Unity Operating Environment 5.0.7.0.5.008/5.2.0.0.5.173/5.3.0.0.5.120
Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svc_supportassist utility.
network
low complexity
dell CWE-22
6.5
2024-02-08 CVE-2023-40264 Path Traversal vulnerability in Unify Openscape Voice Trace Manager V8
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11.
network
low complexity
unify CWE-22
4.3
2024-02-08 CVE-2023-40266 Path Traversal vulnerability in Mitel Unify Openscape Xpressions Webassistant
An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911.
network
low complexity
mitel CWE-22
critical
9.8
2024-02-07 CVE-2024-24311 Path Traversal vulnerability in Lineagrafica Multilingual and Multistore Sitemap PRO
Path Traversal vulnerability in Linea Grafica "Multilingual and Multistore Sitemap Pro - SEO" (lgsitemaps) module for PrestaShop before version 1.6.6, a guest can download personal information without restriction.
network
low complexity
lineagrafica CWE-22
7.5