Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-02 | CVE-2020-5410 | Path Traversal vulnerability in VMWare Spring Cloud Config Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | 7.5 |
| 2020-06-02 | CVE-2020-13227 | Path Traversal vulnerability in Sysax Multi Server 6.90 An issue was discovered in Sysax Multi Server 6.90. | 5.3 |
| 2020-06-01 | CVE-2014-8939 | Path Traversal vulnerability in Piwigo Lexiglot Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages. | 5.3 |
| 2020-06-01 | CVE-2014-7174 | Path Traversal vulnerability in Farsite Farlinx X25 Gateway Firmware 20140925 FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature. | 5.3 |
| 2020-05-29 | CVE-2020-7650 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-29 | CVE-2020-7648 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-29 | CVE-2020-7652 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-29 | CVE-2020-7651 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. | 4.3 |
| 2020-05-27 | CVE-2020-8604 | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 7.5 |
| 2020-05-26 | CVE-2020-12392 | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 5.5 |