Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-16 | CVE-2023-30508 | Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 6.5 |
| 2023-05-16 | CVE-2023-30509 | Path Traversal vulnerability in Arubanetworks Edgeconnect Enterprise Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. | 6.5 |
| 2023-05-16 | CVE-2023-2196 | Path Traversal vulnerability in Jenkins Code DX A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. | 4.3 |
| 2023-05-16 | CVE-2023-32985 | Path Traversal vulnerability in Jenkins Sidebar Link Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 4.3 |
| 2023-05-12 | CVE-2020-13377 | Path Traversal vulnerability in Loadbalancer Enterprise VA MAX 8.3.3/8.3.8 The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files. | 8.1 |
| 2023-05-11 | CVE-2023-29986 | Path Traversal vulnerability in Spring-Boot-Actuator-Logview Project Spring-Boot-Actuator-Logview 0.2.13 spring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view. | 5.3 |
| 2023-05-11 | CVE-2023-30172 | Path Traversal vulnerability in Lfprojects Mlflow A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. | 7.5 |
| 2023-05-11 | CVE-2023-31477 | Path Traversal vulnerability in Gl-Inet products A path traversal issue was discovered on GL.iNet devices before 3.216. | 7.5 |
| 2023-05-10 | CVE-2023-31166 | Path Traversal vulnerability in Selinc products An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 |
| 2023-05-10 | CVE-2023-27562 | Path Traversal vulnerability in N8N 0.218.0 The n8n package 0.218.0 for Node.js allows Directory Traversal. | 6.5 |