Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-03-01 | CVE-2021-25833 | Path Traversal vulnerability in Onlyoffice Document Server | A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. | network | low complexity | onlyoffice | CWE-22 | critical 9.8 |
| 2021-03-01 | CVE-2020-9479 | Path Traversal vulnerability in Apache Asterixdb | When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. | local | low complexity | apache | CWE-22 | 5.5 |
| 2021-02-27 | CVE-2021-25282 | Path Traversal vulnerability in multiple products | An issue was discovered in SaltStack Salt before 3002.5. | network | low complexity | saltstack, fedoraproject, debian | CWE-22 | critical 9.1 |
| 2021-02-24 | CVE-2021-21972 | Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server | The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. | network | low complexity | vmware | CWE-22 | critical 9.8 |
| 2021-02-24 | CVE-2021-20661 | Path Traversal vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.0/6.00 | Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows authenticated attackers to delete arbitrary files and/or directories on the server via unspecified vectors. | network | low complexity | contec | CWE-22 | 8.1 |
| 2021-02-23 | CVE-2021-20247 | Path Traversal vulnerability in multiple products | A flaw was found in mbsync before v1.3.5 and v1.4.1. | network | high complexity | mbsync-project, debian, fedoraproject | CWE-22 | 7.4 |
| 2021-02-22 | CVE-2021-26725 | Path Traversal vulnerability in Nozominetworks Central Management Control and Guardian | Path Traversal vulnerability when changing timezone using web GUI of Nozomi Networks Guardian, CMC allows an authenticated administrator to read protected system files. | network | low complexity | nozominetworks | CWE-22 | 4.9 |
| 2021-02-22 | CVE-2020-29453 | Path Traversal vulnerability in Atlassian Data Center, Jira Data Center and Jira Server | The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. | network | low complexity | atlassian | CWE-22 | 5.3 |
| 2021-02-19 | CVE-2021-27328 | Path Traversal vulnerability in Yeastar Neogate Tg400 Firmware 91.3.0.3 | Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. | network | low complexity | yeastar | CWE-22 | 6.5 |
| 2021-02-19 | CVE-2020-9050 | Path Traversal vulnerability in Johnsoncontrols Metasys Reporting Engine 2.0/2.1 | Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system. | network | low complexity | johnsoncontrols | CWE-22 | 7.5 |