Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-04 | CVE-2020-13836 | Path Traversal vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 7.5 |
| 2020-06-04 | CVE-2019-16384 | Path Traversal vulnerability in Cybelesoft Thinfinity Virtualui Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that can be used for data exfiltration. | 6.5 |
| 2020-06-04 | CVE-2020-13818 | Path Traversal vulnerability in Zohocorp Manageengine Opmanager In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed. | 7.5 |
| 2020-06-03 | CVE-2020-13795 | Path Traversal vulnerability in Naviwebs Navigate CMS An issue was discovered in Navigate CMS through 2.8.7. | 5.3 |
| 2020-06-03 | CVE-2020-13792 | Path Traversal vulnerability in Playtube 1.8 PlayTube 1.8 allows disclosure of user details via ajax.php?type=../admin-panel/autoload&page=manage-users directory traversal, aka local file inclusion. | 4.3 |
| 2020-06-02 | CVE-2020-5410 | Path Traversal vulnerability in VMWare Spring Cloud Config Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | 7.5 |
| 2020-06-02 | CVE-2020-13227 | Path Traversal vulnerability in Sysax Multi Server 6.90 An issue was discovered in Sysax Multi Server 6.90. | 5.3 |
| 2020-06-01 | CVE-2014-8939 | Path Traversal vulnerability in Piwigo Lexiglot Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages. | 5.3 |
| 2020-06-01 | CVE-2014-7174 | Path Traversal vulnerability in Farsite Farlinx X25 Gateway Firmware 20140925 FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature. | 5.3 |
| 2020-05-29 | CVE-2020-7650 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. | 6.5 |