Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-23 | CVE-2018-7442 | Path Traversal vulnerability in Leptonica An issue was discovered in Leptonica through 1.75.3. | 9.1 |
| 2018-02-23 | CVE-2017-18196 | Path Traversal vulnerability in Leptonica 1.74.4 Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif. | 3.3 |
| 2018-02-22 | CVE-2018-7300 | Path Traversal vulnerability in Eq-3 Homematic Ccu2 Firmware Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. | 9.8 |
| 2018-02-22 | CVE-2018-7296 | Path Traversal vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. | 5.3 |
| 2018-02-21 | CVE-2018-5716 | Path Traversal vulnerability in Reprisesoftware Reprise License Manager 11.0 An issue was discovered in Reprise License Manager 11.0. | 8.1 |
| 2018-02-20 | CVE-2018-6356 | Path Traversal vulnerability in multiple products Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. | 6.5 |
| 2018-02-19 | CVE-2014-3972 | Path Traversal vulnerability in Apexis Apm-J601-Ws Firmware Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors. | 5.3 |
| 2018-02-19 | CVE-2017-15712 | Path Traversal vulnerability in Apache Oozie Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. | 6.5 |
| 2018-02-18 | CVE-2018-7212 | Path Traversal vulnerability in Sinatrarb Sinatra 2.0.0/2.0.1 An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. | 5.3 |
| 2018-02-16 | CVE-2017-14537 | Path Traversal vulnerability in Netfortris Trixbox 2.8.0.4 trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php. | 6.5 |