Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor(s) | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2020-08-21 | CVE-2020-8227 | Path Traversal vulnerability in Nextcloud Desktop | Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory. | network | low complexity | nextcloud | CWE-22 | 6.8 |
| 2020-08-21 | CVE-2020-15858 | Path Traversal vulnerability in Thalesgroup products | Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by physically proximate attackers. | | low complexity | thalesgroup | CWE-22 | 6.4 |
| 2020-08-21 | CVE-2020-24571 | Path Traversal vulnerability in Nexusdb | NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal. | network | low complexity | nexusdb | CWE-22 | 7.5 |
| 2020-08-19 | CVE-2020-24368 | Path Traversal vulnerability in multiple products | Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. | network | low complexity | icinga, debian, suse | CWE-22 | 7.5 |
| 2020-08-17 | CVE-2020-8209 | Path Traversal vulnerability in Citrix Xenmobile Server | Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to read arbitrary files. | network | low complexity | citrix | CWE-22 | 7.5 |
| 2020-08-14 | CVE-2020-9708 | Path Traversal vulnerability in Adobe Git-Server | The resolveRepositoryPath function doesn't properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. | network | low complexity | adobe | CWE-22 | 7.5 |
| 2020-08-13 | CVE-2019-4582 | Path Traversal vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.0.1 | IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. | network | low complexity | ibm | CWE-22 | 4.3 |
| 2020-08-12 | CVE-2020-8913 | Path Traversal vulnerability in Android Play Core Library | A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. | network | low complexity | android | CWE-22 | 8.8 |
| 2020-08-07 | CVE-2020-13376 | Path Traversal vulnerability in Securenvoy Securmail 9.3.503 | SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie. | network | high complexity | securenvoy | CWE-22 | 9.0 (critical) |
| 2020-08-05 | CVE-2020-5609 | Path Traversal vulnerability in Yokogawa products | Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. | network | low complexity | yokogawa | CWE-22 | 9.8 (critical) |