Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2023-47613 | Path Traversal vulnerability in Telit products A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to escape from virtual directories and get read/write access to protected files on the targeted system. | 7.1 |
| 2023-11-08 | CVE-2023-36667 | Path Traversal vulnerability in Couchbase Server Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | 7.5 |
| 2023-11-06 | CVE-2023-5355 | Path Traversal vulnerability in Getawesomesupport Awesome Support The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server. | 8.1 |
| 2023-11-03 | CVE-2023-3961 | Path Traversal vulnerability in multiple products A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. | 9.8 |
| 2023-11-03 | CVE-2023-41344 | Path Traversal vulnerability in Ncsist Mobile Device Manager 1.4 NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. | 7.5 |
| 2023-11-03 | CVE-2023-34259 | Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware 2Vgs000.002.561 Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. | 4.9 |
| 2023-11-03 | CVE-2023-34260 | Path Traversal vulnerability in Kyocera D-Copia253Mf Plus Firmware 2Vgs000.002.561 Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory. | 7.5 |
| 2023-11-01 | CVE-2023-2621 | Path Traversal vulnerability in Hitachienergy Modular Advanced Control for Hvdc 5.0/7.10.0.0 The McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAIN computer system. | 6.5 |
| 2023-10-30 | CVE-2023-46863 | Path Traversal vulnerability in Peppermint Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST request. | 7.5 |
| 2023-10-30 | CVE-2023-46864 | Path Traversal vulnerability in Peppermint Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request. | 5.3 |