Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-02-02 CVE-2021-42753 Path Traversal vulnerability in Fortinet Fortiweb
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.x, 6.1.x, 6.0.x, 5.9.x and 5.8.x may allow an authenticated attacker to perform an arbitrary file and directory deletion in the device filesystem.
network
low complexity
fortinet CWE-22
8.1
8.1
2022-02-01 CVE-2022-23602 Path Traversal vulnerability in Nim-Lang Docutils and Nimforum
Nimforum is a lightweight alternative to Discourse written in Nim.
network
low complexity
nim-lang CWE-22
8.1
8.1
2022-01-31 CVE-2021-23520 Path Traversal vulnerability in Juce
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp.
network
low complexity
juce CWE-22
critical
 9.8
9.8
2022-01-31 CVE-2021-34805 Path Traversal vulnerability in Land-Software Faust Iserver
An issue was discovered in FAUST iServer before 9.0.019.019.7.
network
low complexity
land-software CWE-22
7.5
7.5
2022-01-31 CVE-2022-23409 Path Traversal vulnerability in Ethercreative Logs
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
network
low complexity
ethercreative CWE-22
4.9
4.9
2022-01-28 CVE-2021-23484 Path Traversal vulnerability in Zip-Local Project Zip-Local
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intended extraction directory.
network
low complexity
zip-local-project CWE-22
critical
 9.8
9.8
2022-01-28 CVE-2022-22790 Path Traversal vulnerability in Synel Eharmony 8.0.2.3
SYNEL - eharmony Directory Traversal.
network
low complexity
synel CWE-22
7.5
7.5
2022-01-26 CVE-2021-32841 Path Traversal vulnerability in Sharpziplib Project Sharpziplib 1.3.0/1.3.1/1.3.2
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library.
network
low complexity
sharpziplib-project CWE-22
5.3
5.3
2022-01-26 CVE-2021-32840 Path Traversal vulnerability in Sharpziplib Project Sharpziplib
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library.
network
low complexity
sharpziplib-project CWE-22
critical
 9.8
9.8
2022-01-26 CVE-2021-32842 Path Traversal vulnerability in Sharpziplib Project Sharpziplib
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library.
network
low complexity
sharpziplib-project CWE-22
5.3
5.3