CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,285 vulnerabilities with CWE-22
CVE-2016-6321
HIGH
GNU tar 1.14-1.29 - Path Traversal via File Name Parameter
CVSS 7.5
CVE-2016-2933
MEDIUM
IBM BigFix Remote Control < 9.1.2 - Authenticated Path Traversal
CVSS 6.8
CVE-2016-5765
MEDIUM
Micro Focus Host Access Management and Security Server - Info Discl...
CVSS 6.5
CVE-2016-9177
HIGH
Spark < 2.5 - Path Traversal via URI
CVSS 7.5
CVE-2016-1000112
CRITICAL
contus-video-comments v1.0 - Unauthenticated Path Traversal and Arbitrary File Write via JPG Upload
CVSS 9.1
CVE-2016-6023
HIGH
IBM Sterling Secure Proxy <3.4.2.0-3.4.3.0 - Path Traversal
CVSS 7.5
CVE-2016-8343
HIGH
INDAS Web SCADA <3 - Path Traversal
CVSS 7.5
CVE-2016-8280
MEDIUM
Huawei eSight <V300R003C20SPC005 - Path Traversal
CVSS 6.5
CVE-2016-6038
MEDIUM
IBM AIX 5.3, 6.1, 7.1 - Authenticated Path Traversal via Eclipse Help URL
CVSS 6.5
CVE-2016-5970
MEDIUM
IBM Security Privileged Identity Manager <2.0.2 FP8 - Path Traversal
CVSS 6.5
CVE-2016-6371
HIGH
Cisco HCM-F <10.6.3 - Path Traversal
CVSS 7.5
CVE-2016-6370
MEDIUM
Cisco HCM-F <10.6.3 - Path Traversal
CVSS 4.3
CVE-2016-5332
MEDIUM
VMware vRealize Log Insight 2.x-3.x - Path Traversal
CVSS 5.3
CVE-2016-5664
MEDIUM
Accellion Kiteworks <kw2016.03.00 - Path Traversal
CVSS 4.3
CVE-2016-5049
HIGH
ReadyDesk 9.1 - Path Traversal via SESID and FNAME Parameters
CVSS 7.5
CVE-2016-1429
HIGH
Cisco RV180/RV180W - Path Traversal
CVSS 7.5
CVE-2016-6138
CRITICAL
SAP TREX 7.10 Revision 63 - Path Traversal
CVSS 9.8
CVE-2016-5639
HIGH
Crestron AirMedia <1.4.0.13 - Path Traversal
CVSS 7.5
CVE-2016-6232
HIGH
KArchive <5.24 - Path Traversal
CVSS 7.5
CVE-2016-1610
HIGH
Novell Filr <1.2 SU3, 2.0 SU2 - Path Traversal
CVSS 7.5
CVE-2016-1605
MEDIUM
NetIQ Sentinel <7.4.2 - Path Traversal
CVSS 6.5
CVE-2016-5092
MEDIUM
FortiWeb < 5.5.3 - Authenticated Path Traversal via Autolearn Feature
CVSS 4.9
CVE-2016-2205
MEDIUM
Symantec Workspace Streaming and Virtualization - Authenticated Path Traversal
CVSS 5.7
CVE-2016-5098
MEDIUM
phpMyAdmin - Path Traversal in Error Report Library
CVSS 5.3
CVE-2016-2872
MEDIUM
IBM Security QRadar SIEM and Incident Forensics 7.2.x < 7.2.7 - Path Traversal via Crafted URL
CVSS 5.3
Details
Vulnerabilities: 9,285
Exploit Likelihood: High