Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-45711 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. | 8.8 |
| 2024-10-16 | CVE-2019-25213 | Path Traversal vulnerability in Vasyltech Advanced Access Manager The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. | 7.5 |
| 2024-10-15 | CVE-2024-9676 | A vulnerability was found in Podman, Buildah, and CRI-O. | 6.5 |
| 2024-10-15 | CVE-2024-9983 | Path Traversal vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | 7.5 |
| 2024-10-15 | CVE-2024-46898 | Path Traversal vulnerability in Ss-Proj Shirasagi SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. | 7.5 |
| 2024-10-15 | CVE-2024-0129 | Path Traversal vulnerability in Nvidia Nemo NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. | 7.8 |
| 2024-10-14 | CVE-2024-45731 | Path Traversal vulnerability in Splunk In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for Windows is installed on a separate drive. | 8.0 |
| 2024-10-12 | CVE-2024-9047 | The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. | 9.8 |
| 2024-10-11 | CVE-2024-7514 | The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. | 6.5 |
| 2024-10-10 | CVE-2024-47868 | Path Traversal vulnerability in Gradio Project Gradio Gradio is an open-source Python package designed for quick prototyping. | 7.5 |