Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-26405 | Path Traversal vulnerability in Gitlab Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. | 7.1 |
| 2020-11-17 | CVE-2020-27553 | Path Traversal vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. | 7.5 |
| 2020-11-16 | CVE-2020-8271 | Path Traversal vulnerability in Citrix Sd-Wan Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | 9.8 |
| 2020-11-12 | CVE-2020-27385 | Path Traversal vulnerability in Flexdotnetcms Project Flexdotnetcms Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/) in FlexDotnetCMS before v1.5.11 allows an authenticated remote attacker to read and write to existing files outside the web root. | 8.1 |
| 2020-11-12 | CVE-2020-12315 | Path Traversal vulnerability in Intel Endpoint Management Assistant 1.3.1/1.3.2/1.3.2.1 Path traversal in the Intel(R) EMA before version 1.3.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |
| 2020-11-10 | CVE-2020-25074 | Path Traversal vulnerability in multiple products The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. | 9.8 |
| 2020-11-09 | CVE-2020-14366 | Path Traversal vulnerability in Redhat Keycloak A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. | 7.5 |
| 2020-11-09 | CVE-2020-24406 | Path Traversal vulnerability in Magento When in maintenance mode, Magento version 2.4.0 and 2.3.4 (and earlier) are affected by an information disclosure vulnerability that could expose the installation path during build deployments. | 3.7 |
| 2020-11-06 | CVE-2020-3588 | Path Traversal vulnerability in Cisco Webex Meetings A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. | 7.8 |
| 2020-11-06 | CVE-2020-27128 | Path Traversal vulnerability in Cisco Sd-Wan A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. | 6.5 |