Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-6759 | Path Traversal vulnerability in Freebsd When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". | 5.3 |
| 2024-08-12 | CVE-2024-7399 | Path Traversal vulnerability in Samsung Magicinfo 9 Server Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. | 7.5 |
| 2024-08-12 | CVE-2024-7693 | Path Traversal vulnerability in Raidenmaild Raiden MAILD Remote Management System from Team Johnlong Software has a Relative Path Traversal vulnerability, allowing unauthenticated remote attackers to read arbitrary file on the remote server. | 7.5 |
| 2024-08-08 | CVE-2024-42408 | Path Traversal vulnerability in Dorsettcontrols Infoscan 1.32/1.33/1.35 The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. | 3.7 |
| 2024-08-07 | CVE-2024-6707 | Path Traversal vulnerability in Openwebui Open Webui 0.1.105 Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | 8.8 |
| 2024-08-07 | CVE-2024-37403 | Path Traversal vulnerability in Ivanti Docs@Work Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. | 5.5 |
| 2024-08-06 | CVE-2024-39226 | Path Traversal vulnerability in Gl-Inet products GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a vulnerability can be exploited to manipulate routers by passing malicious shell commands through the s2s API. | 9.8 |
| 2024-08-06 | CVE-2024-7564 | Path Traversal vulnerability in Logsign Unified Secops Platform 6.4.11 Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. | 6.5 |
| 2024-08-06 | CVE-2024-7551 | Path Traversal vulnerability in Juzaweb CMS A vulnerability was found in juzaweb CMS up to 3.4.2. | 4.9 |
| 2024-08-06 | CVE-2024-6781 | Path Traversal vulnerability in Calibre-Ebook Calibre Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to achieve arbitrary file read. | 7.5 |