Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-10 | CVE-2024-45709 | Path Traversal vulnerability in Solarwinds web Help Desk SolarWinds Web Help Desk was susceptible to a local file read vulnerability. | 5.5 |
| 2024-12-10 | CVE-2023-6947 | Path Traversal vulnerability in Fooplugins Foogallery 2.4.15 The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. | 7.7 |
| 2024-12-05 | CVE-2024-51549 | Path Traversal vulnerability in ABB products Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.4 |
| 2024-12-04 | CVE-2024-54154 | Path Traversal vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox | 9.8 |
| 2024-12-03 | CVE-2024-49411 | Path Traversal vulnerability in Samsung Android 12.0/13.0 Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege. | 4.6 |
| 2024-11-27 | CVE-2024-11667 | Path Traversal vulnerability in Zyxel ZLD A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50(W) series firmware versions V5.10 through V5.38, and USG20(W)-VPN series firmware versions V5.10 through V5.38 could allow an attacker to download or upload files via a crafted URL. | 9.8 |
| 2024-11-27 | CVE-2024-53676 | Path Traversal vulnerability in HPE Insight Remote Support 7.12/7.12.0.529/7.12.0.545 A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. | 9.8 |
| 2024-11-18 | CVE-2020-26071 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation for specific commands. | 8.4 |
| 2024-11-15 | CVE-2024-44625 | Path Traversal vulnerability in Gogs Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. | 8.8 |
| 2024-11-15 | CVE-2024-41784 | Path Traversal vulnerability in IBM Sterling Secure Proxy IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. | 7.5 |