Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-34125 | Path Traversal vulnerability in Sonicwall Analytics and Global Management System Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. | 6.5 |
| 2023-07-12 | CVE-2023-26563 | Path Traversal vulnerability in Syncfusion Nodejs File System Provider 0102271 The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. | 9.8 |
| 2023-07-12 | CVE-2023-26564 | Path Traversal vulnerability in Syncfusion EJ2 Aspcore File Provider The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Models/PhysicalFileProvider.cs directory traversal. | 9.8 |
| 2023-07-12 | CVE-2023-37960 | Path Traversal vulnerability in Jenkins Mathworks Polyspace Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems. | 6.5 |
| 2023-07-11 | CVE-2022-23447 | Path Traversal vulnerability in Fortinet Fortiextender Firmware An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. | 7.5 |
| 2023-07-11 | CVE-2023-25606 | Path Traversal vulnerability in Fortinet Fortianalyzer and Fortimanager An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. | 6.5 |
| 2023-07-11 | CVE-2023-34117 | Path Traversal vulnerability in Zoom Software Development KIT Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | 3.3 |
| 2023-07-10 | CVE-2023-1183 | Path Traversal vulnerability in multiple products A flaw was found in the Libreoffice package. | 5.5 |
| 2023-07-10 | CVE-2023-37288 | Path Traversal vulnerability in Smartsoft Smartbpm.Net 6.70 SmartBPM.NET component has a vulnerability of path traversal within its file download function. | 7.5 |
| 2023-07-06 | CVE-2023-23547 | Path Traversal vulnerability in Milesight Ur32L Firmware 32.3.0.5 A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. | 6.5 |