Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-12 | CVE-2022-23113 | Path Traversal vulnerability in Jenkins Publish Over SSH Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. | 4.3 |
| 2022-01-12 | CVE-2022-21675 | Path Traversal vulnerability in Bytecode Viewer Project Bytecode Viewer 2.10.16 Bytecode Viewer (BCV) is a Java/Android reverse engineering suite. | 7.8 |
| 2022-01-12 | CVE-2021-28376 | Path Traversal vulnerability in Chronoengine Chronoforums 7.0.7 ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. | 2.7 |
| 2022-01-12 | CVE-2021-28377 | Path Traversal vulnerability in Chronoengine Chronoforums 2.0.11 ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files. | 5.3 |
| 2022-01-11 | CVE-2021-37196 | Path Traversal vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.5 |
| 2022-01-10 | CVE-2021-44586 | Path Traversal vulnerability in Dst-Admin Project Dst-Admin 1.3.0 An issue was discovered in dst-admin v1.3.0. | 7.5 |
| 2022-01-10 | CVE-2022-22821 | Path Traversal vulnerability in Nvidia Nemo NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. | 4.4 |
| 2022-01-10 | CVE-2022-22836 | Path Traversal vulnerability in Coreftp Core FTP 1.2/2.0 CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request. | 6.5 |
| 2022-01-10 | CVE-2020-29050 | Path Traversal vulnerability in multiple products SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). | 7.5 |
| 2022-01-10 | CVE-2021-40001 | Path Traversal vulnerability in Huawei Harmonyos The CaasKit module has a path traversal vulnerability. | 5.3 |