Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-31 | CVE-2020-25032 | Path Traversal vulnerability in multiple products An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. | 7.5 |
| 2020-08-30 | CVE-2020-14352 | Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. | 8.0 |
| 2020-08-26 | CVE-2020-12456 | Path Traversal vulnerability in Mitel Mivoice Connect A remote code execution vulnerability in Mitel MiVoice Connect Client before 214.100.1223.0 could allow an attacker to execute arbitrary code in the chat notification window, due to improper rendering of chat messages. | 8.8 |
| 2020-08-26 | CVE-2020-3490 | Path Traversal vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct directory traversal attacks and obtain read access to sensitive files on an affected system. | 4.9 |
| 2020-08-26 | CVE-2020-3440 | Path Traversal vulnerability in Cisco Webex Meetings A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. | 6.5 |
| 2020-08-25 | CVE-2020-16245 | Path Traversal vulnerability in Advantech Iview 5.6/5.7 Advantech iView, Versions 5.7 and prior. | 9.8 |
| 2020-08-25 | CVE-2020-17385 | Path Traversal vulnerability in Cellopoint Cellos 4.1.10 Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. | 7.5 |
| 2020-08-24 | CVE-2020-7377 | Path Traversal vulnerability in Rapid7 Metasploit The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP server. | 7.5 |
| 2020-08-24 | CVE-2020-7376 | Path Traversal vulnerability in Rapid7 Metasploit The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host. | 9.8 |
| 2020-08-24 | CVE-2020-19877 | Path Traversal vulnerability in Dbhcms Project Dbhcms 1.2.0 DBHcms v1.2.0 has a directory traversal vulnerability as there is no directory control function in directory /dbhcms/. | 5.3 |