Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-12-19 CVE-2022-4063 Path Traversal vulnerability in Pluginus Inpost Gallery 2.1.4.1
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.
network
low complexity
pluginus CWE-22
critical
9.8
2022-12-17 CVE-2022-23531 Path Traversal vulnerability in Datadoghq Guarddog
GuardDog is a CLI tool to identify malicious PyPI packages.
local
low complexity
datadoghq CWE-22
7.8
2022-12-16 CVE-2022-20505 Path Traversal vulnerability in Google Android 13.0
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error.
local
low complexity
google CWE-22
6.7
2022-12-16 CVE-2022-46137 Path Traversal vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 is vulnerable to Directory Traversal.
network
low complexity
aerocms-project CWE-22
7.5
2022-12-15 CVE-2022-45969 Path Traversal vulnerability in Alist Project Alist 3.4.0
Alist v3.4.0 is vulnerable to Directory Traversal,
network
low complexity
alist-project CWE-22
critical
9.8
2022-12-15 CVE-2022-4511 Path Traversal vulnerability in Docsys Project Docsys
A vulnerability has been found in RainyGao DocSys and classified as critical.
network
low complexity
docsys-project CWE-22
7.5
2022-12-15 CVE-2020-24855 Path Traversal vulnerability in Easyjs Easywebpack-Cli
Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request.
network
low complexity
easyjs CWE-22
5.3
2022-12-14 CVE-2022-31703 Path Traversal vulnerability in VMWare Vrealize LOG Insight
The vRealize Log Insight contains a Directory Traversal Vulnerability.
network
low complexity
vmware CWE-22
7.5
2022-12-14 CVE-2022-46255 Path Traversal vulnerability in Github Enterprise Server 3.7.0
An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution.
network
low complexity
github CWE-22
critical
9.8
2022-12-14 CVE-2022-46256 Path Traversal vulnerability in Github Enterprise Server
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site.
network
low complexity
github CWE-22
8.8