Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-29509 Path Traversal vulnerability in Tandd T&D Server and Thermo Recorder Data Server Firmware
Directory traversal vulnerability in T&D Data Server (Japanese Edition) Ver.2.22 and earlier, T&D Data Server (English Edition) Ver.2.30 and earlier, THERMO RECORDER DATA SERVER (Japanese Edition) Ver.2.13 and earlier, and THERMO RECORDER DATA SERVER (English Edition) Ver.2.13 and earlier allows a remote attacker to view an arbitrary file on the server via unspecified vectors.
network
low complexity
tandd CWE-22
5.0
2022-06-13 CVE-2022-1657 Path Traversal vulnerability in Artbees Jupiter and Jupiterx
Vulnerable versions of the Jupiter (<= 6.10.1) and JupiterX (<= 2.0.6) Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File inclusion.
network
low complexity
artbees CWE-22
6.5
2022-06-13 CVE-2022-26041 Path Traversal vulnerability in Generex Rccmd 4.26
Directory traversal vulnerability in RCCMD 4.26 and earlier allows a remote authenticated attacker with an administrative privilege to read or alter an arbitrary file on the server via unspecified vectors.
network
low complexity
generex CWE-22
5.5
2022-06-10 CVE-2022-24278 Path Traversal vulnerability in Convert-Svg Project Convert-Svg
The package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags.
network
low complexity
convert-svg-project CWE-22
7.5
2022-06-10 CVE-2022-29093 Path Traversal vulnerability in Dell products
Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion vulnerability.
local
low complexity
dell CWE-22
3.6
2022-06-10 CVE-2022-29094 Path Traversal vulnerability in Dell products
Dell SupportAssist Client Consumer versions (3.10.4 and versions prior) and Dell SupportAssist Client Commercial versions (3.1.1 and versions prior) contain an arbitrary file deletion/overwrite vulnerability.
local
low complexity
dell CWE-22
3.6
2022-06-10 CVE-2021-42811 Path Traversal vulnerability in Thalesgroup Safenet Keysecure 8.12.0
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SafeNet KeySecure allows an authenticated user to read arbitrary files from the underlying system on which the product is deployed.
network
low complexity
thalesgroup CWE-22
4.0
2022-06-09 CVE-2022-1992 Path Traversal vulnerability in Gogs
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
network
low complexity
gogs CWE-22
6.4
2022-06-09 CVE-2022-1993 Path Traversal vulnerability in Gogs
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
network
low complexity
gogs CWE-22
5.5
2022-06-09 CVE-2021-40668 Path Traversal vulnerability in Http File Server Project Http File Server 1.4.1
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
network
low complexity
http-file-server-project CWE-22
5.5