Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-32004 | Path Traversal vulnerability in multiple products A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. | 8.8 |
| 2023-08-14 | CVE-2023-21268 | Path Traversal vulnerability in Google Android In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. | 5.5 |
| 2023-08-14 | CVE-2023-40274 | Path Traversal vulnerability in Getzola Zola An issue was discovered in zola 0.13.0 through 0.17.2. | 7.5 |
| 2023-08-11 | CVE-2020-27514 | Path Traversal vulnerability in Zrlog 2.1.5 Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 9.1 |
| 2023-08-11 | CVE-2021-26504 | Path Traversal vulnerability in Dgtl Huemagic 3.0.0 Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. | 7.5 |
| 2023-08-10 | CVE-2023-32563 | Path Traversal vulnerability in Ivanti Avalanche An unauthenticated attacker could achieve the code execution through a RemoteControl server. | 9.8 |
| 2023-08-10 | CVE-2023-39964 | Path Traversal vulnerability in Fit2Cloud 1Panel 1.4.3 1Panel is an open source Linux server operation and maintenance management panel. | 7.5 |
| 2023-08-10 | CVE-2023-39957 | Path Traversal vulnerability in Nextcloud Talk Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. | 7.8 |
| 2023-08-09 | CVE-2023-38997 | Path Traversal vulnerability in Opnsense A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive. | 7.2 |
| 2023-08-09 | CVE-2023-31448 | Path Traversal vulnerability in Paessler Prtg Network Monitor A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. | 4.7 |