Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-12 | CVE-2023-26564 | Path Traversal vulnerability in Syncfusion EJ2 Aspcore File Provider The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Models/PhysicalFileProvider.cs directory traversal. | 9.8 |
2023-07-12 | CVE-2023-37960 | Path Traversal vulnerability in Jenkins Mathworks Polyspace Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems. | 6.5 |
2023-07-11 | CVE-2022-23447 | Path Traversal vulnerability in Fortinet Fortiextender Firmware An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an unauthenticated and remote attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. | 7.5 |
2023-07-11 | CVE-2023-25606 | Path Traversal vulnerability in Fortinet Fortianalyzer and Fortimanager An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-23] in FortiAnalyzer and FortiManager management interface 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions may allow a remote and authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. | 6.5 |
2023-07-11 | CVE-2023-34117 | Path Traversal vulnerability in Zoom Software Development KIT Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | 3.3 |
2023-07-10 | CVE-2023-1183 | Path Traversal vulnerability in multiple products A flaw was found in the Libreoffice package. | 5.5 |
2023-07-10 | CVE-2023-37288 | Path Traversal vulnerability in Smartsoft Smartbpm.Net 6.70 SmartBPM.NET component has a vulnerability of path traversal within its file download function. | 7.5 |
2023-07-06 | CVE-2023-23547 | Path Traversal vulnerability in Milesight Ur32L Firmware 32.3.0.5 A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. | 6.5 |
2023-07-06 | CVE-2020-21862 | Path Traversal vulnerability in Duxcms Project Duxcms 2.1 Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del. | 8.1 |
2023-07-06 | CVE-2023-30678 | Path Traversal vulnerability in Samsung Calendar Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file. | 5.5 |