Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-19 | CVE-2023-2110 | Path Traversal vulnerability in Obsidian Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". | 7.1 |
| 2023-08-19 | CVE-2023-2316 | Path Traversal vulnerability in Typora Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/<absolute-path>". | 7.4 |
| 2023-08-19 | CVE-2023-2971 | Path Traversal vulnerability in Typora Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". | 6.5 |
| 2023-08-17 | CVE-2023-26469 | Path Traversal vulnerability in Jorani 1.0.0 In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. | 9.8 |
| 2023-08-17 | CVE-2023-2915 | Path Traversal vulnerability in Rockwellautomation Thinmanager Thinserver 13.1.0 The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. | 9.1 |
| 2023-08-17 | CVE-2023-2917 | Path Traversal vulnerability in Rockwellautomation Thinmanager Thinserver 13.1.0 The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. | 9.8 |
| 2023-08-17 | CVE-2023-3697 | Path Traversal vulnerability in Asustor Data Master Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. | 8.8 |
| 2023-08-17 | CVE-2023-3698 | Path Traversal vulnerability in Asustor Data Master Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and delete files. | 8.1 |
| 2023-08-17 | CVE-2023-34216 | Path Traversal vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 8.1 |
| 2023-08-17 | CVE-2023-34217 | Path Traversal vulnerability in Moxa Tn-4900 Firmware and Tn-5900 Firmware TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. | 8.1 |