Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-31036 | Path Traversal vulnerability in Nvidia Triton Inference Server NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. | 8.8 |
| 2024-01-12 | CVE-2023-49569 | Path Traversal vulnerability in Go-Git Project Go-Git A path traversal vulnerability was discovered in go-git versions prior to v5.11. | 9.8 |
| 2024-01-11 | CVE-2023-5504 | Path Traversal vulnerability in Inpsyde Backwpup The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. | 8.7 |
| 2024-01-11 | CVE-2023-6583 | Path Traversal vulnerability in Codection Import and Export Users and Customers The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. | 7.2 |
| 2024-01-11 | CVE-2023-6699 | Path Traversal vulnerability in Wpcompress WP Compress The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. | 7.5 |
| 2024-01-10 | CVE-2023-51127 | Path Traversal vulnerability in Flir AX8 Firmware 1.46.16 FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. | 7.5 |
| 2024-01-10 | CVE-2023-50916 | Path Traversal vulnerability in Kyocera Device Manager Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. | 7.2 |
| 2024-01-10 | CVE-2023-37932 | Path Traversal vulnerability in Fortinet Fortivoice An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests | 6.5 |
| 2024-01-10 | CVE-2023-48242 | Path Traversal vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. | 6.5 |
| 2024-01-10 | CVE-2023-48243 | Path Traversal vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the device. | 8.8 |