Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-02 | CVE-2014-9356 | Path Traversal vulnerability in Docker Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile. | 8.6 |
| 2019-11-29 | CVE-2015-2060 | Path Traversal vulnerability in Cabextract Project Cabextract cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. | 5.3 |
| 2019-11-29 | CVE-2019-18922 | Path Traversal vulnerability in Alliedtelesis At-Gs950/8 Firmware A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. | 7.5 |
| 2019-11-28 | CVE-2019-19372 | Path Traversal vulnerability in Rconfig A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. | 7.5 |
| 2019-11-27 | CVE-2019-18253 | Path Traversal vulnerability in Hitachienergy Relion 670 Firmware An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory. | 10.0 |
| 2019-11-27 | CVE-2019-10220 | Path Traversal vulnerability in multiple products Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | 8.8 |
| 2019-11-26 | CVE-2015-9538 | Path Traversal vulnerability in Imagely Nextgen Gallery The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path selection. | 6.5 |
| 2019-11-26 | CVE-2011-4350 | Path Traversal vulnerability in multiple products Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. | 6.5 |
| 2019-11-25 | CVE-2019-17406 | Path Traversal vulnerability in Nokia Impact Nokia IMPACT < 18A has path traversal that may lead to RCE if chained with CVE-2019-1743 | 5.3 |
| 2019-11-25 | CVE-2015-1396 | Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. | 7.5 |