Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-11 | CVE-2018-1261 | Path Traversal vulnerability in VMWare Spring Integration ZIP 1.0.0 Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames. | 4.7 |
| 2018-05-10 | CVE-2018-7933 | Path Traversal vulnerability in Huawei Hirouter-Cd20 Firmware and Ws5200 Firmware Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. | 7.8 |
| 2018-05-08 | CVE-2015-1503 | Path Traversal vulnerability in Icewarp Mail Server Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. | 7.5 |
| 2018-05-08 | CVE-2017-2594 | Path Traversal vulnerability in Hawt Hawtio hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. | 7.5 |
| 2018-05-08 | CVE-2018-1000175 | Path Traversal vulnerability in Jenkins Html Publisher A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. | 6.5 |
| 2018-05-04 | CVE-2018-5448 | Path Traversal vulnerability in Medtronic 2090 Carelink Programmer Firmware All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal vulnerability where the product's software deployment network could allow an attacker to read files on the system. | 5.7 |
| 2018-05-03 | CVE-2018-8003 | Path Traversal vulnerability in Apache Ambari Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. | 5.3 |
| 2018-04-30 | CVE-2018-10553 | Path Traversal vulnerability in Nagios XI 5.4.13 An issue was discovered in Nagios XI 5.4.13. | 6.5 |
| 2018-04-28 | CVE-2017-18263 | Path Traversal vulnerability in Seagate Personal Cloud Firmware 4.3.16.0/4.3.18.0 Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url. | 7.5 |
| 2018-04-27 | CVE-2018-7669 | Path Traversal vulnerability in Sitecore Sitecore.Net An issue was discovered in Sitecore Sitecore.NET 8.1 rev. | 7.5 |