Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-22415 | Path Traversal vulnerability in Jupyter Language Server Protocol Integration jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. | 9.8 |
| 2024-01-16 | CVE-2023-2252 | Path Traversal vulnerability in Wpwax Directorist The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. | 2.7 |
| 2024-01-15 | CVE-2023-6623 | Path Traversal vulnerability in Wpdeveloper Essential Blocks The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks. | 9.8 |
| 2024-01-13 | CVE-2023-52288 | Path Traversal vulnerability in Sujeetkv Flaskcode An issue was discovered in the flaskcode package through 0.0.8 for Python. | 7.5 |
| 2024-01-13 | CVE-2023-52289 | Path Traversal vulnerability in Sujeetkv Flaskcode An issue was discovered in the flaskcode package through 0.0.8 for Python. | 7.5 |
| 2024-01-12 | CVE-2023-48166 | Path Traversal vulnerability in Unify Openscape Voice 10.0 A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. | 7.5 |
| 2024-01-12 | CVE-2023-49801 | Path Traversal vulnerability in Lifplatforms LIF Auth Server Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. | 7.5 |
| 2024-01-12 | CVE-2023-31036 | Path Traversal vulnerability in Nvidia Triton Inference Server NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. | 8.8 |
| 2024-01-11 | CVE-2023-5504 | Path Traversal vulnerability in Inpsyde Backwpup The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. | 8.7 |
| 2024-01-11 | CVE-2023-6583 | Path Traversal vulnerability in Codection Import and Export Users and Customers The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. | 7.2 |