Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-26619 Path Traversal vulnerability in Bigfile Bigfileagent
A path traversal vulnerability leading to deletion of arbitrary files was discovered in BigFileAgent.
network
low complexity
bigfile CWE-22
critical
9.1
2022-02-18 CVE-2022-0673 Path Traversal vulnerability in Eclipse Lemminx
A flaw was found in LemMinX in versions prior to 0.19.0.
network
low complexity
eclipse CWE-22
6.5
2022-02-18 CVE-2022-25298 Path Traversal vulnerability in Webcc Project Webcc 0.2.0
This affects the package sprinfall/webcc before 0.3.0.
network
low complexity
webcc-project CWE-22
7.5
2022-02-17 CVE-2022-22914 Path Traversal vulnerability in Ovidentia 6.0.0
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to view and download content in the upload directory via path traversal.
network
low complexity
ovidentia CWE-22
7.5
2022-02-16 CVE-2022-24983 Path Traversal vulnerability in Jqueryform
Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response.
network
low complexity
jqueryform CWE-22
7.5
2022-02-15 CVE-2021-35380 Path Traversal vulnerability in Solari Termtalk Server 3.24.0.2
A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore).
network
low complexity
solari CWE-22
7.5
2022-02-15 CVE-2022-25178 Path Traversal vulnerability in Jenkins Pipeline:Shared Groovy Libraries
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers with permission to configure Pipelines to read arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
6.5
2022-02-15 CVE-2022-25188 Path Traversal vulnerability in Jenkins Fortify
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker.
network
low complexity
jenkins CWE-22
4.3
2022-02-15 CVE-2021-43734 Path Traversal vulnerability in Keking Kkfileview 4.0.0
kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.
network
low complexity
keking CWE-22
7.5
2022-02-14 CVE-2022-24977 Path Traversal vulnerability in Impresscms
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script.
network
low complexity
impresscms CWE-22
critical
9.8