Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-09 | CVE-2021-21475 | Path Traversal vulnerability in SAP Netweaver Master Data Management Server 710/710.750 Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. | 7.5 |
| 2021-02-09 | CVE-2021-25140 | Path Traversal vulnerability in HP Moonshot Provisioning Manager 1.20 A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. | 9.8 |
| 2021-02-09 | CVE-2021-26719 | Path Traversal vulnerability in Gradle products A directory traversal issue was discovered in Gradle gradle-enterprise-test-distribution-agent before 1.3.2, test-distribution-gradle-plugin before 1.3.2, and gradle-enterprise-maven-extension before 1.8.2. | 6.5 |
| 2021-02-08 | CVE-2021-26575 | Path Traversal vulnerability in HPE Baseboard Management Controller The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletesolvideofile function. | 7.8 |
| 2021-02-08 | CVE-2021-26574 | Path Traversal vulnerability in HPE Baseboard Management Controller The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a path traversal vulnerability in libifc.so webdeletevideofile function. | 7.8 |
| 2021-02-04 | CVE-2021-1297 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. | 7.5 |
| 2021-02-04 | CVE-2021-1296 | Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. | 7.5 |
| 2021-02-03 | CVE-2020-27994 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal. | 6.5 |
| 2021-02-03 | CVE-2020-29166 | Path Traversal vulnerability in Rainbowfishsoftware Pacsone Server PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which can result in remote information disclosure. | 7.5 |
| 2021-02-02 | CVE-2021-21284 | Path Traversal vulnerability in multiple products In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. | 6.8 |