Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-13 | CVE-2024-25154 | Path Traversal vulnerability in Fortra Filecatalyst Direct Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage. | 5.3 |
| 2024-03-08 | CVE-2024-23216 | Path Traversal vulnerability in Apple Macos A path handling issue was addressed with improved validation. | 7.1 |
| 2024-03-07 | CVE-2024-28222 | Path Traversal vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process inadequately validates the file path, allowing an unauthenticated attacker to upload and execute a custom file. | 9.8 |
| 2024-03-05 | CVE-2024-27764 | Path Traversal vulnerability in Jeewms An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component. | 9.8 |
| 2024-03-05 | CVE-2024-27765 | Path Traversal vulnerability in Jeewms Directory Traversal vulnerability in Jeewms v.3.7 and before allows a remote attacker to obtain sensitive information via the cgformTemplateController component. | 7.5 |
| 2024-03-04 | CVE-2024-27199 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | 7.3 |
| 2024-03-04 | CVE-2024-28088 | Path Traversal vulnerability in Langchain LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. | 8.1 |
| 2024-02-28 | CVE-2024-22723 | Path Traversal vulnerability in Webtrees 2.1.18 Webtrees 2.1.18 is vulnerable to Directory Traversal. | 4.9 |
| 2024-02-26 | CVE-2024-27081 | Path Traversal vulnerability in Esphome 2023.12.9 ESPHome is a system to control your ESP8266/ESP32. | 8.8 |
| 2024-02-26 | CVE-2024-1165 | Path Traversal vulnerability in Brizy The Brizy – Page Builder plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.39 via the 'id'. | 6.5 |