Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-27 | CVE-2021-37124 | Path Traversal vulnerability in Huawei PC Smart Full Scene and Pcmanager There is a path traversal vulnerability in Huawei PC product. | 6.5 |
| 2021-10-27 | CVE-2021-37130 | Path Traversal vulnerability in Huawei Fusioncube Firmware 6.0.2 There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. | 7.5 |
| 2021-10-26 | CVE-2019-3556 | Path Traversal vulnerability in Facebook Hhvm HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. | 8.1 |
| 2021-10-25 | CVE-2021-40371 | Path Traversal vulnerability in Gridprosoftware Request Management Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap. | 9.8 |
| 2021-10-22 | CVE-2020-23038 | Path Traversal vulnerability in Kumilabs Swift File Transfer Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. | 7.5 |
| 2021-10-22 | CVE-2020-23040 | Path Traversal vulnerability in SKY File Project SKY File 2.1.0 Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands. | 7.5 |
| 2021-10-22 | CVE-2020-23061 | Path Traversal vulnerability in Dropouts Super Backup 2.0.5 Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the `list` and `download` module which allows attackers to perform a directory traversal via a change to the path variable to request the local list command. | 7.5 |
| 2021-10-22 | CVE-2020-36488 | Path Traversal vulnerability in SKY File Project SKY File 2.1.0 An issue in the FTP server of Sky File v2.1.0 allows attackers to perform directory traversal via `/null//` path commands. | 6.5 |
| 2021-10-22 | CVE-2021-42556 | Path Traversal vulnerability in Rasa X Rasa X before 0.42.4 allows Directory Traversal during archive extraction. | 5.5 |
| 2021-10-22 | CVE-2021-35230 | Path Traversal vulnerability in Solarwinds Kiwi Cattools 3.6.0(Serviceedition) As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. | 6.7 |