Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-27730 | Path Traversal vulnerability in multiple products In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. | 9.8 |
| 2020-12-09 | CVE-2020-26837 | Path Traversal vulnerability in SAP Solution Manager 7.20 SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable. | 9.1 |
| 2020-12-08 | CVE-2020-27896 | Path Traversal vulnerability in Apple mac OS X and Macos A path handling issue was addressed with improved validation. | 5.5 |
| 2020-12-08 | CVE-2020-10014 | Path Traversal vulnerability in Apple mac OS X and Macos A parsing issue in the handling of directory paths was addressed with improved path validation. | 6.3 |
| 2020-12-08 | CVE-2020-10010 | Path Traversal vulnerability in Apple products A path handling issue was addressed with improved validation. | 7.8 |
| 2020-12-07 | CVE-2020-29600 | Path Traversal vulnerability in multiple products In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. | 9.8 |
| 2020-12-01 | CVE-2020-28993 | Path Traversal vulnerability in ATX Minicmts200A Firmware 2.0 A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. | 7.5 |
| 2020-11-28 | CVE-2020-29373 | Path Traversal vulnerability in Linux Kernel An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. | 6.5 |
| 2020-11-27 | CVE-2017-15684 | Path Traversal vulnerability in Craftercms Crafter CMS 3.0.0 Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system. | 7.5 |
| 2020-11-27 | CVE-2017-15681 | Path Traversal vulnerability in Craftercms Crafter CMS 3.0.0 In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE. | 9.8 |