Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-02 | CVE-2020-11491 | Path Traversal vulnerability in Zevenet ZEN Load Balancer 3.10.1 Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi. | 4.9 |
| 2020-04-01 | CVE-2020-8144 | Path Traversal vulnerability in UI Unifi Video The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. | 8.4 |
| 2020-04-01 | CVE-2020-11455 | Path Traversal vulnerability in Limesurvey LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. | 9.8 |
| 2020-03-31 | CVE-2020-10696 | Path Traversal vulnerability in multiple products A path traversal flaw was found in Buildah in versions before 1.14.5. | 8.8 |
| 2020-03-31 | CVE-2020-4240 | Path Traversal vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2020-03-31 | CVE-2020-11414 | Path Traversal vulnerability in Telerik UI for Silverlight An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. | 7.5 |
| 2020-03-30 | CVE-2020-5284 | Path Traversal vulnerability in Zeit Next.Js Next.js versions before 9.3.2 have a directory traversal vulnerability. | 4.3 |
| 2020-03-27 | CVE-2020-10953 | Path Traversal vulnerability in Gitlab In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue. | 7.5 |
| 2020-03-27 | CVE-2015-8535 | Path Traversal vulnerability in Lenovo Solution Center 3.3.0001 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. | 7.8 |
| 2020-03-25 | CVE-2020-5280 | Path Traversal vulnerability in Typelevel Http4S http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. | 7.5 |