Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-05-16 CVE-2023-30508 Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
network
low complexity
arubanetworks CWE-22
6.5
2023-05-16 CVE-2023-30509 Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
network
low complexity
arubanetworks CWE-22
6.5
2023-05-16 CVE-2023-2196 Path Traversal vulnerability in Jenkins Code DX
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system.
network
low complexity
jenkins CWE-22
4.3
2023-05-16 CVE-2023-32985 Path Traversal vulnerability in Jenkins Sidebar Link
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
4.3
2023-05-12 CVE-2020-13377 Path Traversal vulnerability in Loadbalancer Enterprise VA MAX 8.3.3/8.3.8
The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files.
network
low complexity
loadbalancer CWE-22
8.1
2023-05-11 CVE-2023-29986 Path Traversal vulnerability in Spring-Boot-Actuator-Logview Project Spring-Boot-Actuator-Logview 0.2.13
spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view.
5.3
2023-05-11 CVE-2023-30172 Path Traversal vulnerability in Lfprojects Mlflow
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter.
network
low complexity
lfprojects CWE-22
7.5
2023-05-11 CVE-2023-31477 Path Traversal vulnerability in Gl-Inet products
A path traversal issue was discovered on GL.iNet devices before 3.216.
network
low complexity
gl-inet CWE-22
7.5
2023-05-10 CVE-2023-31166 Path Traversal vulnerability in Selinc products
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. See SEL Service Bulletin dated 2022-11-15 for more details.
network
low complexity
selinc CWE-22
4.3
2023-05-10 CVE-2023-27562 Path Traversal vulnerability in N8N 0.218.0
The n8n package 0.218.0 for Node.js allows Directory Traversal.
network
low complexity
n8n CWE-22
6.5