Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-05 | CVE-2018-20250 | Path Traversal vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). | 7.8 |
| 2019-02-05 | CVE-2018-18990 | Path Traversal vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. | 5.3 |
| 2019-02-05 | CVE-2019-7403 | Path Traversal vulnerability in PHPmywind 5.5 An issue was discovered in PHPMyWind 5.5. | 4.9 |
| 2019-02-04 | CVE-2019-7387 | Path Traversal vulnerability in Systrome products A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. | 6.5 |
| 2019-02-04 | CVE-2019-1000009 | Path Traversal vulnerability in Helm Chartmuseum Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HTTP API to save charts that can result in a specially crafted chart could be uploaded and saved outside the intended location. | 6.5 |
| 2019-02-04 | CVE-2019-1000008 | Path Traversal vulnerability in Helm All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. | 6.5 |
| 2019-02-01 | CVE-2018-16493 | Path Traversal vulnerability in Static-Resource-Server Project Static-Resource-Server 1.7.2 A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL. | 7.5 |
| 2019-02-01 | CVE-2018-16485 | Path Traversal vulnerability in M-Server Project M-Server Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. | 6.5 |
| 2019-02-01 | CVE-2018-16482 | Path Traversal vulnerability in Mcstatic Project Mcstatic A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path. | 7.5 |
| 2019-02-01 | CVE-2018-16479 | Path Traversal vulnerability in Http-Live-Simulator Project Http-Live-Simulator Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL. | 7.5 |