Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-24624 Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9
Unauthenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.
network
low complexity
hpe CWE-22
7.5
2020-09-23 CVE-2020-3143 Path Traversal vulnerability in Cisco products
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
network
low complexity
cisco CWE-22
7.2
2020-09-22 CVE-2020-14028 Path Traversal vulnerability in Ozeki NG SMS Gateway
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.
network
low complexity
ozeki CWE-22
7.2
2020-09-18 CVE-2020-5605 Path Traversal vulnerability in Buffalo Airstation Whr-G54S Firmware 1.43
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.
network
low complexity
buffalo CWE-22
4.3
2020-09-18 CVE-2020-25734 Path Traversal vulnerability in Webtareas Project Webtareas 2.0/2.1
webTareas through 2.1 allows files/Default/ Directory Listing.
network
low complexity
webtareas-project CWE-22
5.3
2020-09-17 CVE-2020-11700 Path Traversal vulnerability in Titanhq Spamtitan 7.07
An issue was discovered in Titan SpamTitan 7.07.
network
low complexity
titanhq CWE-22
6.5
2020-09-16 CVE-2020-2278 Path Traversal vulnerability in Jenkins Storable Configs 1.0
Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name, allowing attackers with Job/Configure permission to replace any other '.xml' file on the Jenkins controller with a job config.xml file's content.
network
low complexity
jenkins CWE-22
6.5
2020-09-16 CVE-2020-2277 Path Traversal vulnerability in Jenkins Storable Configs 1.0
Jenkins Storable Configs Plugin 1.0 and earlier allows users with Job/Read permission to read arbitrary files on the Jenkins controller.
network
low complexity
jenkins CWE-22
6.5
2020-09-16 CVE-2020-2275 Path Traversal vulnerability in Jenkins Copy Data to Workspace 1.0
Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/Configure permission to read arbitrary files on the Jenkins controller.
network
low complexity
jenkins CWE-22
6.5
2020-09-16 CVE-2020-2254 Path Traversal vulnerability in Jenkins Blue Ocean
Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
6.5