Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-12 | CVE-2021-38460 | Path Traversal vulnerability in Moxa Mxview A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries. | 7.5 |
| 2021-10-11 | CVE-2021-29006 | Path Traversal vulnerability in Rconfig 3.9.6 rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. | 6.5 |
| 2021-10-11 | CVE-2021-40886 | Path Traversal vulnerability in Projectsend R1295 Projectsend version r1295 is affected by a directory traversal vulnerability. | 6.5 |
| 2021-10-11 | CVE-2021-40887 | Path Traversal vulnerability in Projectsend R1295 Projectsend version r1295 is affected by a directory traversal vulnerability. | 9.8 |
| 2021-10-07 | CVE-2021-37922 | Path Traversal vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another. | 5.3 |
| 2021-10-07 | CVE-2021-40978 | Path Traversal vulnerability in Mkdocs 1.2.2 The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. | 7.5 |
| 2021-10-06 | CVE-2021-21683 | Path Traversal vulnerability in Jenkins The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files. | 6.5 |
| 2021-10-06 | CVE-2021-34711 | Path Traversal vulnerability in Cisco products A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. | 5.5 |
| 2021-10-06 | CVE-2021-25485 | Path Traversal vulnerability in Google Android 10.0/11.0 Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | 8.0 |
| 2021-10-06 | CVE-2020-15941 | Path Traversal vulnerability in Fortinet Forticlient Endpoint Management Server A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name parameter of Deployment Packages. | 5.4 |