Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-29 | CVE-2021-32061 | Path Traversal vulnerability in S3Scanner Project S3Scanner S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated by a <Key>../ substring in a ListBucketResult element. | 5.3 |
| 2021-11-23 | CVE-2021-37023 | Path Traversal vulnerability in Huawei Harmonyos 2.0 There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. | 6.5 |
| 2021-11-22 | CVE-2020-7882 | Path Traversal vulnerability in Hancom Anysign4Pc 1.1.1.0/1.1.2.6/1.1.2.7 Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. | 9.1 |
| 2021-11-22 | CVE-2021-33491 | Path Traversal vulnerability in Open-Xchange OX APP Suite 7.10.5 OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records. | 6.5 |
| 2021-11-22 | CVE-2021-38146 | Path Traversal vulnerability in Wipro Holmes 20.4.1 The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data. | 7.5 |
| 2021-11-19 | CVE-2021-43555 | Path Traversal vulnerability in Myscada Mydesigner mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. | 7.8 |
| 2021-11-19 | CVE-2021-22028 | Path Traversal vulnerability in Greenplum In versions of Greenplum database prior to 5.28.6 and 6.14.0, greenplum database contains a file path traversal vulnerability leading to information disclosure from the file system. | 9.1 |
| 2021-11-18 | CVE-2021-37938 | Path Traversal vulnerability in Elastic Kibana It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. | 4.3 |
| 2021-11-17 | CVE-2021-41277 | Path Traversal vulnerability in Metabase Metabase is an open source data analytics platform. | 7.5 |
| 2021-11-15 | CVE-2021-41950 | Path Traversal vulnerability in Montala Resourcespace 9.6 A directory traversal issue in ResourceSpace 9.6 before 9.6 rev 18277 allows remote unauthenticated attackers to delete arbitrary files on the ResourceSpace server via the provider and variant parameters in pages/ajax/tiles.php. | 9.1 |