Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-29 | CVE-2020-7648 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-29 | CVE-2020-7652 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. | 6.5 |
| 2020-05-29 | CVE-2020-7651 | Path Traversal vulnerability in Synk Broker All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. | 4.3 |
| 2020-05-27 | CVE-2020-8604 | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 7.5 |
| 2020-05-26 | CVE-2020-12392 | Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. | 5.5 |
| 2020-05-21 | CVE-2020-1082 | Path Traversal vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-05-21 | CVE-2020-5752 | Path Traversal vulnerability in Druva Insync Client 6.6.3 Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. | 7.8 |
| 2020-05-15 | CVE-2020-13093 | Path Traversal vulnerability in Ispyconnect Agent DVR 2.7.0.0 iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. | 5.3 |
| 2020-05-14 | CVE-2019-17572 | Path Traversal vulnerability in Apache Rocketmq In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. | 5.3 |
| 2020-05-13 | CVE-2020-11073 | Path Traversal vulnerability in Autoswitch Python Virtualenv Project Autoswitch Python Virtualenv In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. | 7.8 |