Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-40003 | Path Traversal vulnerability in Huawei Harmonyos HwPCAssistant has a path traversal vulnerability. | 5.3 |
| 2022-01-06 | CVE-2021-44351 | Path Traversal vulnerability in Naviwebs Navigate CMS 2.9 An arbitrary file read vulnerability exists in NavigateCMS 2.9 via /navigate/navigate_download.php id parameter. | 7.5 |
| 2022-01-05 | CVE-2021-45452 | Path Traversal vulnerability in multiple products Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. | 5.3 |
| 2022-01-04 | CVE-2021-39143 | Path Traversal vulnerability in Linuxfoundation Spinnaker Spinnaker is an open source, multi-cloud continuous delivery platform. | 7.1 |
| 2022-01-04 | CVE-2021-40525 | Path Traversal vulnerability in Apache James Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. | 9.1 |
| 2022-01-03 | CVE-2021-37126 | Path Traversal vulnerability in Huawei Harmonyos Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed. | 7.5 |
| 2022-01-03 | CVE-2021-37128 | Path Traversal vulnerability in Huawei Harmonyos HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file. | 9.8 |
| 2022-01-03 | CVE-2021-39970 | Path Traversal vulnerability in Huawei Harmonyos HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission. | 7.5 |
| 2022-01-03 | CVE-2021-25020 | Path Traversal vulnerability in Daan Complete Analytics Optimization Suite The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin | 4.9 |
| 2022-01-03 | CVE-2021-25021 | Path Traversal vulnerability in FFW Optimize MY Google Fonts The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache directory setting, allowing high privilege users to use a path traversal vector and delete arbitrary folders when uninstalling the plugin | 4.9 |