Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-07 | CVE-2020-15583 | Path Traversal vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 5.5 |
| 2020-07-02 | CVE-2020-8161 | Path Traversal vulnerability in multiple products A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. | 8.6 |
| 2020-07-01 | CVE-2020-5902 | Path Traversal vulnerability in F5 products In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. | 9.8 |
| 2020-07-01 | CVE-2020-13383 | Path Traversal vulnerability in Os4Ed Opensis openSIS through 7.4 allows Directory Traversal. | 7.5 |
| 2020-06-30 | CVE-2020-5588 | Path Traversal vulnerability in Cybozu Garoon 5.0.0/5.0.1 Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors. | 4.9 |
| 2020-06-30 | CVE-2020-5581 | Path Traversal vulnerability in Cybozu Garoon Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. | 6.5 |
| 2020-06-24 | CVE-2020-15026 | Path Traversal vulnerability in Bludit 3.12.0 Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. | 4.9 |
| 2020-06-24 | CVE-2020-7667 | Path Traversal vulnerability in SAS GO RPM Utils In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which leads in file extraction outside of the current directory. | 7.5 |
| 2020-06-23 | CVE-2020-7668 | Path Traversal vulnerability in Compression and Archive Extensions TZ Project Compression and Archive Extensions TZ Project In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". | 7.5 |
| 2020-06-23 | CVE-2020-7664 | Path Traversal vulnerability in Compression and Archive Extensions Project Compression and Archive Extensions ZIP Project In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". | 7.5 |