Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-48246 | Path Traversal vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows a remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. | 6.5 |
| 2024-01-10 | CVE-2023-48249 | Path Traversal vulnerability in Bosch Nexo-Os 1000/1500Sp2 The vulnerability allows an authenticated remote attacker to list arbitrary folders in all paths of the system under the context of the application OS user (“root”) via a crafted HTTP request. By abusing this vulnerability, it is possible to steal session cookies of other active users. | 6.5 |
| 2024-01-10 | CVE-2024-0354 | Path Traversal vulnerability in Unknown-O Download-Station 1.1.8 A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8. | 7.5 |
| 2024-01-09 | CVE-2024-0341 | Path Traversal vulnerability in Inis Project Inis 2.0.0/2.0.1 A vulnerability was found in Inis up to 2.0.1. | 7.5 |
| 2024-01-08 | CVE-2023-47890 | Path Traversal vulnerability in Pyload 0.5.0 pyLoad 0.5.0 is vulnerable to Unrestricted File Upload. | 8.8 |
| 2024-01-08 | CVE-2023-47211 | Path Traversal vulnerability in Zohocorp products A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. | 8.6 |
| 2024-01-04 | CVE-2024-22050 | Path Traversal vulnerability in Boazsegev Iodine Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs. | 7.5 |
| 2024-01-04 | CVE-2023-29962 | Path Traversal vulnerability in S-Cms 5.0 S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability. | 6.5 |
| 2024-01-04 | CVE-2024-20804 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-04 | CVE-2024-20805 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |