Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2019-9726 | Path Traversal vulnerability in Eq-3 Ccu3 Firmware Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. | 7.5 |
| 2019-05-13 | CVE-2015-9287 | Path Traversal vulnerability in CAM the University of Cambridge web Authentication System Apache Authentication Agent Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. | 9.8 |
| 2019-05-13 | CVE-2012-6652 | Path Traversal vulnerability in Page Flip Book Project Page Flip Book Directory traversal vulnerability in pageflipbook.php script from index.php in Page Flip Book plugin for WordPress (wppageflip) allows remote attackers to include and execute arbitrary local files via a .. | 9.8 |
| 2019-05-13 | CVE-2018-12298 | Path Traversal vulnerability in Seagate NAS OS 4.3.15.1 Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path. | 7.5 |
| 2019-05-10 | CVE-2019-11082 | Path Traversal vulnerability in Dkpro-Core Project Dkpro-Core core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. | 7.5 |
| 2019-05-09 | CVE-2019-0226 | Path Traversal vulnerability in Apache Karaf Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. | 4.9 |
| 2019-05-08 | CVE-2019-11510 | Path Traversal vulnerability in Ivanti Connect Secure 8.2/8.3/9.0 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . | 10.0 |
| 2019-05-08 | CVE-2019-11508 | Path Traversal vulnerability in multiple products In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance. | 7.2 |
| 2019-05-06 | CVE-2019-3799 | Path Traversal vulnerability in multiple products Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | 6.5 |
| 2019-05-03 | CVE-2019-1854 | Path Traversal vulnerability in Cisco Telepresence Video Communication Server X8.11.4 A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. | 4.3 |