Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-15 | CVE-2024-0129 | Path Traversal vulnerability in Nvidia Nemo NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. | 7.8 |
2024-10-14 | CVE-2024-45731 | Path Traversal vulnerability in Splunk In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive. | 8.0 |
2024-10-12 | CVE-2024-9047 | The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. | 9.8 |
2024-10-11 | CVE-2024-7514 | The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. | 6.5 |
2024-10-10 | CVE-2024-47868 | Path Traversal vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 7.5 |
2024-10-10 | CVE-2024-47164 | Path Traversal vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 6.5 |
2024-10-10 | CVE-2024-47166 | Path Traversal vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 5.3 |
2024-10-08 | CVE-2024-47009 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
2024-10-08 | CVE-2024-47010 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. | 9.8 |
2024-10-08 | CVE-2024-47011 | Path Traversal vulnerability in Ivanti Avalanche Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information | 7.5 |