Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2020-10579 | Path Traversal vulnerability in Invigo Automatic Device Management 5.0 A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application. | 7.5 |
| 2021-03-25 | CVE-2021-25367 | Path Traversal vulnerability in Samsung Notes 2.0.02.31 Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | 5.4 |
| 2021-03-24 | CVE-2021-1385 | Path Traversal vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco IOx application hosting environment of multiple Cisco platforms could allow an authenticated, remote attacker to conduct directory traversal attacks and read and write files on the underlying operating system or host system. | 6.5 |
| 2021-03-17 | CVE-2020-13924 | Path Traversal vulnerability in Apache Ambari In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files. | 7.5 |
| 2021-03-15 | CVE-2020-29556 | Path Traversal vulnerability in Getgrav Grav CMS The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. | 5.5 |
| 2021-03-15 | CVE-2020-29555 | Path Traversal vulnerability in Getgrav Grav CMS The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. | 8.1 |
| 2021-03-15 | CVE-2021-23357 | Path Traversal vulnerability in TYK All versions of package github.com/tyktechnologies/tyk/gateway are vulnerable to Directory Traversal via the handleAddOrUpdateApi function. | 5.3 |
| 2021-03-10 | CVE-2020-5016 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2021-03-10 | CVE-2021-20669 | Path Traversal vulnerability in Weseek Growi Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read and/or delete an arbitrary path via a specially crafted URL. | 4.7 |
| 2021-03-10 | CVE-2021-20668 | Path Traversal vulnerability in Weseek Growi Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read an arbitrary path via a specially crafted URL. | 2.7 |