Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2022-1518 Path Traversal vulnerability in Illumina Local RUN Manager
LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure.
network
low complexity
illumina CWE-22
7.5
2022-06-23 CVE-2022-31395 Path Traversal vulnerability in Algosolutions 8373 IP Zone Paging Adapter Firmware 1.7.6
Algo Communication Products Ltd.
network
low complexity
algosolutions CWE-22
critical
9.0
2022-06-23 CVE-2022-34177 Path Traversal vulnerability in Jenkins Pipeline: Input Step
Jenkins Pipeline: Input Step Plugin 448.v37cea_9a_10a_70 and earlier archives files uploaded for `file` parameters for Pipeline `input` steps on the controller as part of build metadata, using the parameter name without sanitization as a relative path inside a build-related directory, allowing attackers able to configure Pipelines to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.
network
low complexity
jenkins CWE-22
5.0
2022-06-23 CVE-2022-34179 Path Traversal vulnerability in Jenkins Embeddable Build Status
Jenkins Embeddable Build Status Plugin 2.0.3 and earlier allows specifying a `style` query parameter that is used to choose a different SVG image style without restricting possible values, resulting in a relative path traversal vulnerability that allows attackers without Overall/Read permission to specify paths to other SVG images on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
5.0
2022-06-21 CVE-2022-33995 Path Traversal vulnerability in Devolutions Remote Desktop Manager
A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location.
network
low complexity
devolutions CWE-22
5.0
2022-06-21 CVE-2022-29774 Path Traversal vulnerability in Ispyconnect Ispy 7.2.2.0
iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.
network
low complexity
ispyconnect CWE-22
7.5
2022-06-20 CVE-2022-31062 Path Traversal vulnerability in Glpi-Project Glpi Inventory 1.0.0/1.0.1
### Impact A plugin public script can be used to read content of system files.
network
low complexity
glpi-project CWE-22
5.0
2022-06-17 CVE-2022-25856 Path Traversal vulnerability in Argo Events Project Argo Events
The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go.
network
low complexity
argo-events-project CWE-22
5.0
2022-06-16 CVE-2022-31372 Path Traversal vulnerability in Wiris Mathtype 7.28.0
Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter.
network
low complexity
wiris CWE-22
5.0
2022-06-15 CVE-2021-33036 Path Traversal vulnerability in Apache Hadoop
In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user.
network
low complexity
apache CWE-22
critical
9.0