Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-25 | CVE-2023-41474 | Path Traversal vulnerability in Ivanti Avalanche 6.3.4.153 Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. | 6.5 |
| 2024-01-25 | CVE-2024-0882 | Path Traversal vulnerability in Linkwechat 5.1.0 A vulnerability was found in qwdigital LinkWechat 5.1.0. | 7.5 |
| 2024-01-25 | CVE-2023-52076 | Path Traversal vulnerability in Mate-Desktop Atril Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. | 7.8 |
| 2024-01-25 | CVE-2023-50785 | Path Traversal vulnerability in Zohocorp Manageengine Adaudit Plus 7.2 Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal. | 2.7 |
| 2024-01-24 | CVE-2024-23897 | Path Traversal vulnerability in Jenkins Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | 9.8 |
| 2024-01-23 | CVE-2024-23182 | Path Traversal vulnerability in Appleple A-Blog CMS Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to delete arbitrary files on the server. | 8.1 |
| 2024-01-22 | CVE-2022-45792 | Path Traversal vulnerability in Omron Sysmac Studio Project files may contain malicious contents which the software will use to create files on the filesystem. | 7.8 |
| 2024-01-22 | CVE-2024-23768 | Path Traversal vulnerability in Dremio Dremio before 24.3.1 allows path traversal. | 8.8 |
| 2024-01-18 | CVE-2024-22415 | Path Traversal vulnerability in Jupyter Language Server Protocol Integration jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. | 9.8 |
| 2024-01-16 | CVE-2023-2252 | Path Traversal vulnerability in Wpwax Directorist The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. | 2.7 |