Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-03 | CVE-2021-44674 | Path Traversal vulnerability in Opmantek Open-Audit 4.2.0 An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. | 6.5 |
| 2021-12-30 | CVE-2021-20133 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set the "message of the day" banner to any file on the system, allowing them to read all or some of the contents of those files. | 6.1 |
| 2021-12-30 | CVE-2021-20134 | Path Traversal vulnerability in Dlink Dir-2640-Us Firmware 1.01/1.01B04/1.11B02 Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set an arbitrary file on the router's filesystem as the log file used by either Quagga service (zebra or ripd). | 8.4 |
| 2021-12-30 | CVE-2021-45427 | Path Traversal vulnerability in Emerson Xweb300D EVO Firmware 3.0.7 Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. | 9.8 |
| 2021-12-27 | CVE-2020-20944 | Path Traversal vulnerability in Qibosoft 7.0 An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily delete files. | 9.1 |
| 2021-12-26 | CVE-2021-45712 | Path Traversal vulnerability in Rust-Embed Project Rust-Embed An issue was discovered in the rust-embed crate before 6.3.0 for Rust. | 7.5 |
| 2021-12-24 | CVE-2021-20876 | Path Traversal vulnerability in Groupsession Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site's server via unspecified vectors. | 6.8 |
| 2021-12-23 | CVE-2021-44548 | Path Traversal vulnerability in Apache Solr An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. | 9.8 |
| 2021-12-22 | CVE-2021-21879 | Path Traversal vulnerability in Lantronix Premierwave 2050 8.9.0.0 A directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. | 8.8 |
| 2021-12-22 | CVE-2021-21880 | Path Traversal vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. | 7.2 |