Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8189 | Path Traversal vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv) FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. | 6.0 |
| 2017-11-22 | CVE-2017-2706 | Path Traversal vulnerability in Huawei Mate 9 Firmware Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. | 7.1 |
| 2017-11-22 | CVE-2017-2695 | Path Traversal vulnerability in Huawei Tit-Al00 Firmware C583B211 TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application. | 5.5 |
| 2017-11-22 | CVE-2017-2693 | Path Traversal vulnerability in Huawei products ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier versions,CRR-L09C432B180 and earlier versions,CRR-TL00C01B172 and earlier versions,CRR-UL00C00B172 and earlier versions,CRR-UL20C432B171 and earlier versions,GRA-CL00C92B230 and earlier versions,GRA-L09C432B222 and earlier versions,GRA-TL00C01B230SP01 and earlier versions,GRA-UL00C00B230 and earlier versions,GRA-UL00C10B201 and earlier versions,GRA-UL00C432B220 and earlier versions,H60-L04C10B523 and earlier versions,H60-L04C185B523 and earlier versions,H60-L04C636B527 and earlier versions,H60-L04C900B530 and earlier versions,PLK-AL10C00B220 and earlier versions,PLK-AL10C92B220 and earlier versions,PLK-CL00C92B220 and earlier versions,PLK-L01C10B140 and earlier versions,PLK-L01C185B130 and earlier versions,PLK-L01C432B187 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C432B190 and earlier versions,PLK-L01C636B130 and earlier versions,PLK-TL00C01B220 and earlier versions,PLK-TL01HC01B220 and earlier versions,PLK-UL00C17B220 and earlier versions,ATH-AL00C00B210 and earlier versions,ATH-AL00C92B200 and earlier versions,ATH-CL00C92B210 and earlier versions,ATH-TL00C01B210 and earlier versions,ATH-TL00HC01B210 and earlier versions,ATH-UL00C00B210 and earlier versions,RIO-AL00C00B220 and earlier versions,RIO-CL00C92B220 and earlier versions,RIO-TL00C01B220 and earlier versions,RIO-UL00C00B220 and earlier versions have a path traversal vulnerability. | 7.8 |
| 2017-11-20 | CVE-2017-16903 | Path Traversal vulnerability in Lvyecms Project Lvyecms LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php. | 9.8 |
| 2017-11-20 | CVE-2017-15527 | Path Traversal vulnerability in Symantec Management Console Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. | 6.8 |
| 2017-11-17 | CVE-2017-1000170 | Path Traversal vulnerability in Jqueryfiletree Project Jqueryfiletree jqueryFileTree 2.1.5 and older Directory Traversal | 7.5 |
| 2017-11-17 | CVE-2017-16877 | Path Traversal vulnerability in Zeit Next.Js ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information. | 7.5 |
| 2017-11-16 | CVE-2017-1087 | Path Traversal vulnerability in Freebsd In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. | 7.8 |
| 2017-11-13 | CVE-2017-16806 | Path Traversal vulnerability in Ulterius Server 1.5.6.0/1.8.0.0 The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal. | 7.5 |