Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-26 | CVE-2023-26802 | Path Traversal vulnerability in Dcnglobal Dcbi-Netlog-Lab Firmware 1.0 An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request. | 9.8 |
| 2023-03-24 | CVE-2023-27055 | Path Traversal vulnerability in Aver Ptzapp 2 Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access sensitive files via a crafted GET request. | 7.5 |
| 2023-03-23 | CVE-2023-20066 | Path Traversal vulnerability in Cisco IOS XE 16.12.3/17.3.2/17.6.2 A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. | 6.5 |
| 2023-03-22 | CVE-2023-27855 | Path Traversal vulnerability in Rockwellautomation Thinmanager In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. | 9.8 |
| 2023-03-22 | CVE-2023-27856 | Path Traversal vulnerability in Rockwellautomation Thinmanager In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. | 7.5 |
| 2023-03-16 | CVE-2023-21456 | Path Traversal vulnerability in Samsung Android 11.0/12.0/13.0 Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid. | 5.5 |
| 2023-03-15 | CVE-2023-25345 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags. | 7.5 |
| 2023-03-15 | CVE-2023-28371 | Path Traversal vulnerability in Stellarium In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. | 9.8 |
| 2023-03-14 | CVE-2023-27588 | Path Traversal vulnerability in Hasura Graphql Engine Hasura is an open-source product that provides users GraphQL or REST APIs. | 7.5 |
| 2023-03-14 | CVE-2023-1398 | Path Traversal vulnerability in Teacms Project Teacms 2.0 A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. | 8.8 |