Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2024-0849 | Path Traversal vulnerability in Leanote Desktop 2.7.0 Leanote version 2.7.0 allows obtaining arbitrary local files. | 5.5 |
| 2024-02-06 | CVE-2024-22514 | Path Traversal vulnerability in Ispyconnect Agent DVR 5.1.6.0 An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. | 8.8 |
| 2024-02-06 | CVE-2024-24591 | Path Traversal vulnerability in Clear Clearml 1.14.1/1.4.0 A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with. | 8.8 |
| 2024-02-06 | CVE-2024-23673 | Path Traversal vulnerability in Apache Sling Servlets Resolver Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. | 7.5 |
| 2024-02-06 | CVE-2024-24938 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation | 5.3 |
| 2024-02-06 | CVE-2024-24940 | Path Traversal vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | 4.3 |
| 2024-02-06 | CVE-2024-24942 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | 5.3 |
| 2024-02-06 | CVE-2024-24398 | Path Traversal vulnerability in Stimulsoft Dashboards.PHP Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. | 9.8 |
| 2024-02-05 | CVE-2024-0964 | Path Traversal vulnerability in Gradio Project Gradio A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. | 9.4 |
| 2024-02-05 | CVE-2024-0380 | Path Traversal vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. | 4.3 |