Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-2254 | Path Traversal vulnerability in Jenkins Blue Ocean Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system. | 6.5 |
| 2020-09-16 | CVE-2020-7268 | Path Traversal vulnerability in Mcafee Email Gateway Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prior to 7.6.406 allows remote attackers to traverse the file system to access files or directories that are outside of the restricted directory via external input to construct a path name that should be within a restricted directory. | 4.3 |
| 2020-09-15 | CVE-2020-4711 | Path Traversal vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2020-09-14 | CVE-2020-25540 | Path Traversal vulnerability in Thinkadmin 6.0 ThinkAdmin v6 is affected by a directory traversal vulnerability. | 7.5 |
| 2020-09-11 | CVE-2020-25248 | Path Traversal vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 7.5 |
| 2020-09-11 | CVE-2020-25247 | Path Traversal vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. | 7.5 |
| 2020-09-04 | CVE-2019-20916 | Path Traversal vulnerability in multiple products The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. | 7.5 |
| 2020-09-04 | CVE-2020-3365 | Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. | 6.5 |
| 2020-09-03 | CVE-2020-25068 | Path Traversal vulnerability in Setelsa-Security Conacwin 3.7.1.2 Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. | 7.5 |
| 2020-09-01 | CVE-2020-6142 | Path Traversal vulnerability in Os4Ed Opensis 7.3 A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. | 9.8 |