Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-25 | CVE-2024-10379 | Path Traversal vulnerability in Esafenet CDG 5 A vulnerability classified as problematic was found in ESAFENET CDG 5. | 7.5 |
2024-10-25 | CVE-2024-10011 | Path Traversal vulnerability in Buddypress The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. | 8.1 |
2024-10-25 | CVE-2024-45842 | Path Traversal vulnerability in multiple products Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests. | 5.3 |
2024-10-24 | CVE-2024-49359 | Path Traversal vulnerability in Zimaspace Zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. | 7.5 |
2024-10-24 | CVE-2024-49760 | Path Traversal vulnerability in Openrefine OpenRefine is a free, open source tool for working with messy data. | 5.3 |
2024-10-24 | CVE-2024-47883 | Path Traversal vulnerability in Openrefine Butterfly The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. | 9.1 |
2024-10-24 | CVE-2024-48931 | Path Traversal vulnerability in Zimaspace Zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. | 7.5 |
2024-10-23 | CVE-2024-48213 | Path Traversal vulnerability in Rockoa Xinhu 2.6.5 RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php. | 4.3 |
2024-10-23 | CVE-2024-20379 | Path Traversal vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. | 6.5 |
2024-10-22 | CVE-2024-35308 | Path Traversal vulnerability in Pandorafms Pandora FMS 742/746 A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through <777.3. | 8.8 |