Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-01-20 CVE-2020-27859 Path Traversal vulnerability in NEC Esmpro Manager 6.42
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42.
network
low complexity
nec CWE-22
7.5
2021-01-20 CVE-2020-19360 Path Traversal vulnerability in Fhem 6.0
Local file inclusion in FHEM 6.0 via the file parameter of fhem/FileLog_logWrapper allows an attacker to include a file, which can lead to sensitive information disclosure.
network
low complexity
fhem CWE-22
7.5
2021-01-19 CVE-2021-3178 Path Traversal vulnerability in multiple products
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS.
network
low complexity
linux fedoraproject debian CWE-22
6.5
2021-01-15 CVE-2020-35749 Path Traversal vulnerability in Presstigers Simple Board JOB
Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.
network
low complexity
presstigers CWE-22
7.7
2021-01-14 CVE-2020-29494 Path Traversal vulnerability in Dell products
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM.
network
low complexity
dell CWE-22
8.7
2021-01-13 CVE-2021-3139 Path Traversal vulnerability in Tcmu-Runner Project Tcmu-Runner
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request.
network
low complexity
tcmu-runner-project CWE-22
8.1
2021-01-13 CVE-2021-21605 Path Traversal vulnerability in Jenkins
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file.
network
low complexity
jenkins CWE-22
8.0
2021-01-13 CVE-2020-28374 Path Traversal vulnerability in multiple products
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3.
network
low complexity
linux fedoraproject debian CWE-22
8.1
2021-01-12 CVE-2020-27637 Path Traversal vulnerability in R-Project Cran 4.0.2
The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise.
network
low complexity
r-project CWE-22
critical
9.8
2021-01-08 CVE-2020-5804 Path Traversal vulnerability in Marvell QConvergeConsole GUI 5.5.0.74
Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability.
network
low complexity
marvell CWE-22
8.1