Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-05 | CVE-2021-45783 | Path Traversal vulnerability in Bookeen Notea Firmware Bkr1.0.520210608 Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that allows an attacker to obtain sensitive information. | 4.6 |
| 2022-05-03 | CVE-2022-20101 | Path Traversal vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a path traversal. | 5.5 |
| 2022-05-03 | CVE-2022-28784 | Path Traversal vulnerability in Google Android 10.0/11.0/12.0 Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. | 3.3 |
| 2022-05-03 | CVE-2022-1554 | Path Traversal vulnerability in Clinical-Genomics Scout Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52. | 7.5 |
| 2022-05-02 | CVE-2022-24897 | Path Traversal vulnerability in Xwiki APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. | 7.5 |
| 2022-05-02 | CVE-2022-29970 | Path Traversal vulnerability in multiple products Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files. | 7.5 |
| 2022-05-02 | CVE-2022-28451 | Path Traversal vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature. | 7.5 |
| 2022-05-01 | CVE-2022-25842 | Path Traversal vulnerability in Alibabagroup One-Java-Agent All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. | 9.8 |
| 2022-05-01 | CVE-2022-26068 | Path Traversal vulnerability in Pistache Project Pistache This affects the package pistacheio/pistache before 0.0.3.20220425. | 7.5 |
| 2022-04-29 | CVE-2022-29967 | Path Traversal vulnerability in Glewlwyd Project Glewlwyd static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. | 7.5 |