Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK

2024-07-29 CVE-2024-7248 Path Traversal vulnerability in Comodo Internet Security 12.2.4.8032
Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability.
local, low complexity, comodo CWE-22, 7.8

2024-07-24 CVE-2024-7080 Path Traversal vulnerability in Insurance Management System Project Insurance Management System 1.0
A vulnerability was found in SourceCodester Insurance Management System 1.0.
7.5

2024-07-24 CVE-2024-40422 Path Traversal vulnerability in Stitionai Devika 1.0
The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack.
network, low complexity, stitionai CWE-22, critical, 9.1

2024-07-22 CVE-2024-6791 Path Traversal vulnerability in NI Veristand
A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that may result in remote code execution.
local, low complexity, ni CWE-22, 7.8

2024-07-22 CVE-2024-40051 Path Traversal vulnerability in Ip-Guard 4.81.0307.0
IP Guard v4.81.0307.0 was discovered to contain an arbitrary file read vulnerability via the file name parameter.
network, low complexity, ip-guard CWE-22, 7.5

2024-07-22 CVE-2024-39688 Path Traversal vulnerability in Fish.Audio Bert-Vits2
Bert-VITS2 is the VITS2 Backbone with multilingual bert.
network, low complexity, fish-audio CWE-22, 6.5

2024-07-22 CVE-2024-41704 Path Traversal vulnerability in Librechat
LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images.
network, low complexity, librechat CWE-22, critical, 9.8

2024-07-18 CVE-2024-40628 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network, low complexity, fit2cloud CWE-22, critical, 9.1

2024-07-18 CVE-2024-40629 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network, low complexity, fit2cloud CWE-22, critical, 9.8

2024-07-18 CVE-2024-6164 Path Traversal vulnerability in Ymc-22 Filter & Grids
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter.
network, low complexity, ymc-22 CWE-22, critical, 9.8