Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2021-10-12 CVE-2021-33724 Path Traversal vulnerability in Siemens Sinec NMS 1.0
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-22
5.0
2021-10-12 CVE-2021-33725 Path Traversal vulnerability in Siemens Sinec NMS 1.0
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-22
5.0
2021-10-12 CVE-2021-33726 Path Traversal vulnerability in Siemens Sinec NMS 1.0
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1).
network
low complexity
siemens CWE-22
5.0
2021-10-11 CVE-2021-40886 Path Traversal vulnerability in Projectsend R1295
Projectsend version r1295 is affected by a directory traversal vulnerability.
network
low complexity
projectsend CWE-22
4.0
2021-10-11 CVE-2021-40887 Path Traversal vulnerability in Projectsend R1295
Projectsend version r1295 is affected by a directory traversal vulnerability.
network
low complexity
projectsend CWE-22
critical
10.0
2021-10-07 CVE-2021-37922 Path Traversal vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.
network
low complexity
zohocorp CWE-22
5.0
2021-10-07 CVE-2021-42013 Path Traversal vulnerability in multiple products
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient.
network
low complexity
apache fedoraproject CWE-22
7.5
2021-10-07 CVE-2021-40978 Path Traversal vulnerability in Mkdocs 1.2.2
** DISPUTED ** The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information.
network
low complexity
mkdocs CWE-22
5.0
2021-10-06 CVE-2021-21683 Path Traversal vulnerability in Jenkins
The file browser in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Overall/Read permission (Windows controller) or Job/Workspace permission (Windows agents) to obtain the contents of arbitrary files.
network
low complexity
jenkins CWE-22
4.0
2021-10-06 CVE-2021-34711 Path Traversal vulnerability in Cisco products
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system.
local
low complexity
cisco CWE-22
2.1