Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2022-35861 | Path Traversal vulnerability in Pyenv pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. | 7.8 |
| 2022-07-14 | CVE-2022-32409 | Path Traversal vulnerability in Softwarepublico I3Geo 7.0.5 A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request. | 9.8 |
| 2022-07-13 | CVE-2022-20220 | Path Traversal vulnerability in Google Android 12.0/12.1 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 7.8 |
| 2022-07-12 | CVE-2022-33690 | Path Traversal vulnerability in Google Android 12.0 Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. | 3.3 |
| 2022-07-11 | CVE-2022-31501 | Path Traversal vulnerability in Onyxforum Project Onyxforum The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31502 | Path Traversal vulnerability in Wormnest Project Wormnest The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31503 | Path Traversal vulnerability in Orchest The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31504 | Path Traversal vulnerability in Baiduwenkuspider Flaskweb Project Baiduwenkuspider Flaskweb The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31505 | Path Traversal vulnerability in Mercadoenlineaback Project Mercadoenlineaback The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |
| 2022-07-11 | CVE-2022-31506 | Path Traversal vulnerability in CMU Opendiamond The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | 9.3 |