Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-41747 | Path Traversal vulnerability in Acronis Cloud Manager Sensitive information disclosure due to unauthenticated path traversal. | 6.5 |
| 2023-08-31 | CVE-2023-31167 | Path Traversal vulnerability in Selinc Sel-5036 Acselerator BAY Screen Builder Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Schweitzer Engineering Laboratories SEL-5036 acSELerator Bay Screen Builder Software on Windows allows Relative Path Traversal. SEL acSELerator Bay Screen Builder software is distributed by SEL-5033 SEL acSELerator RTAC, SEL-5030 Quickset, and SEL Compass. | 8.1 |
| 2023-08-30 | CVE-2023-39135 | Path Traversal vulnerability in Marmelroy ZIP 2.1.2 An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry. | 7.8 |
| 2023-08-30 | CVE-2023-39138 | Path Traversal vulnerability in Peakstep Zipfoundation 0.9.16 An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file. | 7.8 |
| 2023-08-30 | CVE-2023-39139 | Path Traversal vulnerability in Archive Project Archive 3.3.7 An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file. | 7.8 |
| 2023-08-30 | CVE-2023-40597 | Path Traversal vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. | 8.8 |
| 2023-08-29 | CVE-2023-39559 | Path Traversal vulnerability in Web-Audimex Audimexee 15.0 AudimexEE 15.0 was discovered to contain a full path disclosure vulnerability. | 5.3 |
| 2023-08-29 | CVE-2023-41266 | Path Traversal vulnerability in Qlik Sense A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. | 6.5 |
| 2023-08-29 | CVE-2023-20890 | Path Traversal vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution. | 7.2 |
| 2023-08-28 | CVE-2023-40826 | Path Traversal vulnerability in Pf4J Project Pf4J An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter. | 7.5 |