Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-31584 | Path Traversal vulnerability in S3Label Project S3Label 20190814 The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31585 | Path Traversal vulnerability in Home Internet Project Home Internet 20200828 The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31586 | Path Traversal vulnerability in Changepop-Back Project Changepop-Back 20190604 The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31587 | Path Traversal vulnerability in Kg-Fashion-Chatbot Project Kg-Fashion-Chatbot 20180522 The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31588 | Path Traversal vulnerability in Testplatform Project Testplatform The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-08 | CVE-2022-35410 | Path Traversal vulnerability in multiple products mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. | 7.5 |
| 2022-07-07 | CVE-2022-25046 | Path Traversal vulnerability in Control-Webpanel Webpanel A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request. | 9.8 |
| 2022-07-06 | CVE-2022-20791 | Path Traversal vulnerability in Cisco Unified Communications Manager A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. | 6.5 |
| 2022-07-06 | CVE-2022-20812 | Path Traversal vulnerability in Cisco Telepresence Video Communication Server Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. | 6.5 |
| 2022-07-06 | CVE-2022-20862 | Path Traversal vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. | 4.3 |