Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-30 | CVE-2023-39138 | Path Traversal vulnerability in Peakstep Zipfoundation 0.9.16 An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file. | 7.8 |
| 2023-08-30 | CVE-2023-39139 | Path Traversal vulnerability in Archive Project Archive 3.3.7 An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file. | 7.8 |
| 2023-08-30 | CVE-2023-40597 | Path Traversal vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. | 8.8 |
| 2023-08-29 | CVE-2023-39559 | Path Traversal vulnerability in Web-Audimex Audimexee 15.0 AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability. | 5.3 |
| 2023-08-29 | CVE-2023-41266 | Path Traversal vulnerability in Qlik Sense A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. | 6.5 |
| 2023-08-29 | CVE-2023-20890 | Path Traversal vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution. | 7.2 |
| 2023-08-28 | CVE-2023-40826 | Path Traversal vulnerability in Pf4J Project Pf4J An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter. | 7.5 |
| 2023-08-28 | CVE-2023-40827 | Path Traversal vulnerability in Pf4J Project Pf4J An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter. | 7.5 |
| 2023-08-28 | CVE-2023-40828 | Path Traversal vulnerability in Pf4J Project Pf4J An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function. | 7.5 |
| 2023-08-28 | CVE-2023-39810 | Path Traversal vulnerability in Busybox 1.30.1/1.33.2 An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal. | 7.8 |