Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-23 | CVE-2018-1999020 | Path Traversal vulnerability in Opennetworking Onos Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). | 5.5 |
| 2018-07-23 | CVE-2018-6677 | Path Traversal vulnerability in Mcafee web Gateway 7.8.1.0 Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors. | 9.1 |
| 2018-07-20 | CVE-2018-3770 | Path Traversal vulnerability in Markdown-Pdf Project Markdown-Pdf A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files. | 5.5 |
| 2018-07-18 | CVE-2018-14364 | Path Traversal vulnerability in Gitlab GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component. | 9.8 |
| 2018-07-18 | CVE-2018-14371 | Path Traversal vulnerability in Eclipse Mojarra The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. | 7.5 |
| 2018-07-17 | CVE-2018-14363 | Path Traversal vulnerability in multiple products An issue was discovered in NeoMutt before 2018-07-16. | 7.5 |
| 2018-07-17 | CVE-2018-14355 | Path Traversal vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. | 5.3 |
| 2018-07-17 | CVE-2018-13864 | Path Traversal vulnerability in Lightbend Play Framework A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. | 7.5 |
| 2018-07-16 | CVE-2018-13980 | Path Traversal vulnerability in Zeta-Producer Zeta Producer The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. | 5.5 |
| 2018-07-15 | CVE-2018-14064 | Path Traversal vulnerability in Velotismart Project Velotismart Wifi Firmware B380 The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. | 9.8 |