Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-09 | CVE-2019-14251 | Path Traversal vulnerability in Temenos T24 R15.01 An issue was discovered in T24 in TEMENOS Channels R15.01. | 7.5 |
| 2019-12-05 | CVE-2019-7195 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7194 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-04 | CVE-2019-19229 | Path Traversal vulnerability in Fronius products admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allows action=download&filename= Directory Traversal. | 6.5 |
| 2019-12-03 | CVE-2019-19459 | Path Traversal vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. | 9.8 |
| 2019-12-03 | CVE-2019-19458 | Path Traversal vulnerability in Saltosystem Proaccess Space 5.4.3.0/5.5 SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. | 8.6 |
| 2019-12-02 | CVE-2014-9356 | Path Traversal vulnerability in Docker Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile. | 8.6 |
| 2019-11-29 | CVE-2015-2060 | Path Traversal vulnerability in Cabextract Project Cabextract cabextract before 1.6 does not properly check for leading slashes when extracting files, which allows remote attackers to conduct absolute directory traversal attacks via a malformed UTF-8 character that is changed to a UTF-8 encoded slash. | 5.3 |
| 2019-11-29 | CVE-2019-18922 | Path Traversal vulnerability in Alliedtelesis At-Gs950/8 Firmware A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. | 7.5 |
| 2019-11-28 | CVE-2019-19372 | Path Traversal vulnerability in Rconfig A downloadFile.php download_file path traversal vulnerability in rConfig through 3.9.3 allows attackers to list files in arbitrary folders and potentially download files. | 7.5 |