Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2022-40701 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
8.1
2023-01-26 CVE-2022-41154 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
6.5
2023-01-26 CVE-2022-47951 Path Traversal vulnerability in multiple products
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0.
network
low complexity
openstack debian CWE-22
5.7
2023-01-26 CVE-2022-4510 Path Traversal vulnerability in Microsoft Binwalk
A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 inclusive.
local
low complexity
microsoft CWE-22
7.8
2023-01-26 CVE-2023-23608 Path Traversal vulnerability in Spotipy Project Spotipy
Spotipy is a lightweight Python library for the Spotify Web API.
network
low complexity
spotipy-project CWE-22
4.3
2023-01-26 CVE-2023-24057 Path Traversal vulnerability in multiple products
HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).
network
high complexity
hl7 hapifhir CWE-22
8.1
2023-01-26 CVE-2023-24449 Path Traversal vulnerability in Jenkins Pwauth Security Realm 0.3/0.4
Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
4.3
2023-01-26 CVE-2023-24455 Path Traversal vulnerability in Jenkins Visual Expert 1.0/1.3
Jenkins visualexpert Plugin 1.3 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
4.3
2023-01-26 CVE-2020-18330 Path Traversal vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2000En01
An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01 (hardware platform Gpn2.4P21-C_WIFI-V0.05) that allows attackers to gain access to the configuration interface.
network
low complexity
chinamobileltd CWE-22
critical
9.1
2023-01-26 CVE-2020-18331 Path Traversal vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2000En01
Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01 (hardware platform Gpn2.4P21-C_WIFI-V0.05), via the getpage parameter to /cgi-bin/webproc.
network
low complexity
chinamobileltd CWE-22
critical
9.1