Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2023-23314 | Path Traversal vulnerability in Zdir Project Zdir 3.2.0 An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file. | 8.8 |
| 2023-01-20 | CVE-2023-22726 | Path Traversal vulnerability in ACT Project ACT act is a project which allows for local running of github actions. | 8.8 |
| 2023-01-20 | CVE-2022-47747 | Path Traversal vulnerability in Uber Kraken kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs. | 7.5 |
| 2023-01-20 | CVE-2021-37500 | Path Traversal vulnerability in Reprisesoftware Reprise License Manager Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server. | 8.1 |
| 2023-01-19 | CVE-2023-0126 | Path Traversal vulnerability in Sonicwall Sma1000 Firmware 12.4.2 Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory. | 7.5 |
| 2023-01-18 | CVE-2023-0290 | Path Traversal vulnerability in Rapid7 Velociraptor Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in where the collection task could be written. | 4.3 |
| 2023-01-18 | CVE-2020-36651 | Path Traversal vulnerability in Nodeserver Project Nodeserver A vulnerability has been found in youngerheart nodeserver and classified as critical. | 7.5 |
| 2023-01-17 | CVE-2022-43975 | Path Traversal vulnerability in GE MS 3000 Firmware An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. | 7.5 |
| 2023-01-15 | CVE-2016-15019 | Path Traversal vulnerability in Jekbox Project Jekbox A vulnerability was found in tombh jekbox. | 7.5 |
| 2023-01-13 | CVE-2022-42136 | Path Traversal vulnerability in Mailenable Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. | 8.8 |