Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2020-05-21 CVE-2020-1082 Path Traversal vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-22
7.8
2020-05-21 CVE-2020-5752 Path Traversal vulnerability in Druva inSync Client 6.6.3
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
local
low complexity
druva CWE-22
7.8
2020-05-15 CVE-2020-13093 Path Traversal vulnerability in Ispyconnect Agent DVR 2.7.0.0
iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal.
network
low complexity
ispyconnect CWE-22
5.3
2020-05-14 CVE-2019-17572 Path Traversal vulnerability in Apache RocketMQ
In Apache RocketMQ 4.2.0 to 4.6.0, when automatic topic creation in the broker is turned on (as it is by default) and a malicious topic name such as “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder is created in the parent directory on the broker, which leads to a directory traversal vulnerability.
network
low complexity
apache CWE-22
5.3
2020-05-13 CVE-2020-11073 Path Traversal vulnerability in Autoswitch Python Virtualenv Project Autoswitch Python Virtualenv
In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction.
7.8
2020-05-13 CVE-2020-12832 Path Traversal vulnerability in Simplefilelist Simple-File-List
WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.
network
low complexity
simplefilelist CWE-22
critical
9.8
2020-05-12 CVE-2020-8159 Path Traversal vulnerability in multiple products
There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view.
network
low complexity
rubyonrails debian CWE-22
critical
9.8
2020-05-11 CVE-2020-7647 Path Traversal vulnerability in Jooby
All versions of io.jooby:jooby and org.jooby:jooby before 1.6.7, and all versions from 2.0.0 (inclusive) up to but not including 2.8.2, are vulnerable to Directory Traversal via two separate vectors.
network
low complexity
jooby CWE-22
5.3
2020-05-11 CVE-2020-5834 Path Traversal vulnerability in Symantec Endpoint Protection Manager
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
network
low complexity
symantec CWE-22
5.3
2020-05-09 CVE-2020-12765 Path Traversal vulnerability in Solis Miolo 2.0
Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.
network
low complexity
solis CWE-22
5.3