Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-16 | CVE-2021-42052 | Path Traversal vulnerability in Ipesa E-Flow 3.3.6 IPESA e-Flow 3.3.6 allows path traversal for reading any file within the web root directory via the lib/js/build/STEResource.res path and the R query parameter. | 7.5 |
| 2022-08-15 | CVE-2020-21365 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. | 7.5 |
| 2022-08-15 | CVE-2020-21642 | Path Traversal vulnerability in Zohocorp Manageengine Analytics Plus Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code. | 9.8 |
| 2022-08-12 | CVE-2022-37042 | Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0 Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. | 9.8 |
| 2022-08-12 | CVE-2022-37423 | Path Traversal vulnerability in Neo4J Awesome Procedures on Cypher Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream. | 7.5 |
| 2022-08-10 | CVE-2022-38129 | Path Traversal vulnerability in Keysight Sensor Management Server 2.4.0 A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). | 9.8 |
| 2022-08-10 | CVE-2022-29804 | Path Traversal vulnerability in Golang GO Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack. | 7.5 |
| 2022-08-10 | CVE-2022-34365 | Path Traversal vulnerability in Dell Wyse Management Suite WMS 3.7 contains a Path Traversal Vulnerability in Device API. | 6.5 |
| 2022-08-10 | CVE-2022-20816 | Path Traversal vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitrary files from an affected system. | 8.1 |
| 2022-08-05 | CVE-2021-27798 | Path Traversal vulnerability in Broadcom Fabric Operating System 7.3.1D/7.4.1B A vulnerability in Brocade Fabric OS versions 7.4.1b and 7.3.1d could allow local users to conduct privileged directory transversal. | 5.5 |