Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2019-5480 | Path Traversal vulnerability in Statichttpserver Project Statichttpserver A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders. | 5.3 |
| 2019-09-03 | CVE-2019-10197 | Path Traversal vulnerability in multiple products A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. | 9.1 |
| 2019-08-30 | CVE-2019-15630 | Path Traversal vulnerability in Mulesoft API Gateway and Mule Runtime Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process. | 7.5 |
| 2019-08-30 | CVE-2019-15822 | Path Traversal vulnerability in Wpserveur WPS Child Theme Generator 1.0/1.1 The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal. | 9.8 |
| 2019-08-30 | CVE-2019-6113 | Path Traversal vulnerability in Onkyo Tx-Nr686 Firmware 1030500010400010 Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2019-08-29 | CVE-2019-3394 | Path Traversal vulnerability in Atlassian Confluence There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. | 8.8 |
| 2019-08-29 | CVE-2019-11249 | Path Traversal vulnerability in multiple products The kubectl cp command allows copying files between containers and the user machine. | 6.5 |
| 2019-08-29 | CVE-2019-11246 | Path Traversal vulnerability in Kubernetes The kubectl cp command allows copying files between containers and the user machine. | 6.5 |
| 2019-08-28 | CVE-2019-15714 | Path Traversal vulnerability in Entropic Project Entropic cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations. | 5.3 |
| 2019-08-27 | CVE-2019-13237 | Path Traversal vulnerability in Alkacon Opencms Apollo Template 10.5.4/10.5.5 In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp. | 4.3 |