Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20166 Path Traversal vulnerability in Cisco Identity Services Engine 3.2
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files.
local
low complexity
cisco CWE-22
6.7
2023-05-18 CVE-2023-20167 Path Traversal vulnerability in Cisco Identity Services Engine
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files.
network
low complexity
cisco CWE-22
4.9
2023-05-17 CVE-2023-32767 Path Traversal vulnerability in Symcon IP Symcon 5.5
The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via ..
network
low complexity
symcon CWE-22
7.5
2023-05-17 CVE-2023-31904 Path Traversal vulnerability in Savysoda Wifi HD Wireless Disk Drive 11
savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion.
network
low complexity
savysoda CWE-22
7.5
2023-05-16 CVE-2023-30507 Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
network
low complexity
arubanetworks CWE-22
6.5
2023-05-16 CVE-2023-30508 Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
network
low complexity
arubanetworks CWE-22
6.5
2023-05-16 CVE-2023-30509 Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
network
low complexity
arubanetworks CWE-22
6.5
2023-05-16 CVE-2023-2196 Path Traversal vulnerability in Jenkins Code DX
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system.
network
low complexity
jenkins CWE-22
4.3
2023-05-16 CVE-2023-32985 Path Traversal vulnerability in Jenkins Sidebar Link
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
4.3
2023-05-12 CVE-2020-13377 Path Traversal vulnerability in Loadbalancer Enterprise VA MAX 8.3.3/8.3.8
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files.
network
low complexity
loadbalancer CWE-22
8.1