Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE | CVE | VULNERABILITY TITLE | RISK

2022-01-19 | CVE-2021-46203 | Path Traversal vulnerability in Taogogo Taocms 3.0.2 | 4.0
    Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter.
    network, low complexity, taogogo, CWE-22

2022-01-19 | CVE-2021-46104 | Path Traversal vulnerability in Webp Server GO 0.4.0 | 5.0
    An issue was discovered in webp_server_go 0.4.0.
    network, low complexity, webp, CWE-22

2022-01-18 | CVE-2022-21693 | Path Traversal vulnerability in Onionshare | 4.0
    OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network.
    network, low complexity, onionshare, CWE-22

2022-01-14 | CVE-2022-22054 | Path Traversal vulnerability in Asus Rt-Ax56U Firmware 3.0.0.4.386.44266 | 3.3
    ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files.
    low complexity, asus, CWE-22

2022-01-13 | CVE-2022-21682 | Path Traversal vulnerability in multiple products | 4.0
    Flatpak is a Linux application sandboxing and distribution framework.
    network, low complexity, flatpak, fedoraproject, redhat, debian, CWE-22

2022-01-13 | CVE-2021-23514 | Path Traversal vulnerability in Crowcpp Crow | 5.0
    This affects the package Crow before 0.3+4.
    network, low complexity, crowcpp, CWE-22

2022-01-12 | CVE-2022-23107 | Path Traversal vulnerability in Jenkins Warnings Next Generation | 5.5
    Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system.
    network, low complexity, jenkins, CWE-22

2022-01-12 | CVE-2022-23113 | Path Traversal vulnerability in Jenkins Publish Over SSH | 4.0
    Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files.
    network, low complexity, jenkins, CWE-22

2022-01-12 | CVE-2022-21675 | Path Traversal vulnerability in Bytecode Viewer Project Bytecode Viewer 2.10.16 | 6.8
    Bytecode Viewer (BCV) is a Java/Android reverse engineering suite.

2022-01-12 | CVE-2021-28376 | Path Traversal vulnerability in Chronoengine Chronoforums 7.0.7 | 4.0
    ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
    network, low complexity, chronoengine, CWE-22