Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-19 | CVE-2014-3626 | Path Traversal vulnerability in Grails Resources 1.2.0/1.2.12 The Grails Resource Plugin often has to exchange URIs for resources with other internal components. | 7.5 |
| 2018-03-17 | CVE-2018-8741 | Path Traversal vulnerability in multiple products A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | 8.8 |
| 2018-03-16 | CVE-2017-14384 | Path Traversal vulnerability in Dell Storage Manager In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. | 6.5 |
| 2018-03-15 | CVE-2018-7706 | Path Traversal vulnerability in Securenvoy Securmail Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. | 6.5 |
| 2018-03-15 | CVE-2018-7705 | Path Traversal vulnerability in Securenvoy Securmail Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. | 8.1 |
| 2018-03-14 | CVE-2018-8712 | Path Traversal vulnerability in Webmin 1.840/1.880 An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. | 9.8 |
| 2018-03-14 | CVE-2018-2366 | Path Traversal vulnerability in Redwood SAP Business Process Automation 9.0/9.1 SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. | 4.3 |
| 2018-03-13 | CVE-2018-1000083 | Path Traversal vulnerability in Ajenti 2 Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. | 5.3 |
| 2018-03-13 | CVE-2018-1000079 | Path Traversal vulnerability in Rubygems RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. | 5.5 |
| 2018-03-09 | CVE-2017-17223 | Path Traversal vulnerability in Huawei products Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. | 8.8 |