Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-04 | CVE-2019-1000008 | Path Traversal vulnerability in Helm All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. | 6.5 |
| 2019-02-01 | CVE-2018-16493 | Path Traversal vulnerability in Static-Resource-Server Project Static-Resource-Server 1.7.2 A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL. | 7.5 |
| 2019-02-01 | CVE-2018-16485 | Path Traversal vulnerability in M-Server Project M-Server Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. | 6.5 |
| 2019-02-01 | CVE-2018-16482 | Path Traversal vulnerability in Mcstatic Project Mcstatic A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path. | 7.5 |
| 2019-02-01 | CVE-2018-16479 | Path Traversal vulnerability in Http-Live-Simulator Project Http-Live-Simulator Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL. | 7.5 |
| 2019-02-01 | CVE-2018-0722 | Path Traversal vulnerability in Qnap Photo Station Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. | 7.5 |
| 2019-01-31 | CVE-2018-19043 | Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI. | 5.3 |
| 2019-01-31 | CVE-2018-19042 | Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI. | 5.3 |
| 2019-01-31 | CVE-2018-19040 | Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2 The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI. | 5.3 |
| 2019-01-31 | CVE-2019-6111 | Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. | 5.9 |