Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-01 | CVE-2024-21852 | Path Traversal vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution. | 8.8 |
| 2024-02-01 | CVE-2024-24756 | Path Traversal vulnerability in Crafatar Crafatar serves Minecraft avatars based on the skin for use in external applications. | 7.5 |
| 2024-01-31 | CVE-2023-5390 | Path Traversal vulnerability in Honeywell products An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. | 5.3 |
| 2024-01-31 | CVE-2024-24579 | Path Traversal vulnerability in Anchore Stereoscope stereoscope is a go library for processing container images and simulating a squash filesystem. | 9.8 |
| 2024-01-30 | CVE-2024-22523 | Path Traversal vulnerability in Fuwushe Ifair 23.8Ad0 Directory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before, allows remote attackers to obtain sensitive information via uploadimage component. | 7.5 |
| 2024-01-29 | CVE-2023-30970 | Path Traversal vulnerability in Palantir products Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system. | 6.5 |
| 2024-01-29 | CVE-2024-23827 | Path Traversal vulnerability in Nginxui Nginx UI Nginx-UI is a web interface to manage Nginx configurations. | 9.8 |
| 2024-01-29 | CVE-2024-0989 | Path Traversal vulnerability in Kuerp Project Kuerp 1.0.4 A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. | 9.8 |
| 2024-01-27 | CVE-2024-0697 | Path Traversal vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. | 4.9 |
| 2024-01-26 | CVE-2024-0402 | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. | 9.9 |