Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-38950 | Path Traversal vulnerability in Zkteco Biotime 8.5.5 A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | 7.5 |
| 2023-08-03 | CVE-2023-38951 | Path Traversal vulnerability in Zkteco Biotime 8.5.5 A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration. | 9.8 |
| 2023-08-03 | CVE-2023-0956 | Path Traversal vulnerability in Tel-Ster Telwin Scada Webinterface External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system. | 7.5 |
| 2023-08-03 | CVE-2023-35081 | Path Traversal vulnerability in Ivanti Endpoint Manager Mobile A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance. | 7.2 |
| 2023-08-03 | CVE-2023-33365 | Path Traversal vulnerability in Supremainc Biostar 2 A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server. | 7.5 |
| 2023-08-03 | CVE-2022-26838 | Path Traversal vulnerability in Cybozu Remote Service Manager 3.1.2 Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service (DoS) condition. | 6.5 |
| 2023-08-03 | CVE-2023-3348 | Path Traversal vulnerability in Cloudflare Wrangler The Wrangler command line tool (<[email protected] or <[email protected]) was affected by a directory traversal vulnerability when running a local development server for Pages (wrangler pages dev command). | 5.7 |
| 2023-08-03 | CVE-2023-38956 | Path Traversal vulnerability in Zkteco Bioaccess IVS 3.3.1 A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | 7.5 |
| 2023-08-03 | CVE-2023-33369 | Path Traversal vulnerability in Assaabloy Control ID Idsecure 4.7.26.0 A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service. | 9.1 |
| 2023-08-02 | CVE-2023-26441 | Path Traversal vulnerability in Open-Xchange Appsuite Office 7.8.3 Cacheservice did not correctly check if relative cache object were pointing to the defined absolute location when accessing resources. | 5.5 |