CWE-36
Absolute Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.
117 vulnerabilities with CWE-36
CVE-2023-2101
MEDIUM
Moxi624 Mogu Blog <5.2 - Path Traversal
CVSS 4.3
CVE-2023-1176
LOW
Lfprojects Mlflow < 2.2.2 - Absolute Path Traversal
CVSS 3.3
CVE-2022-20958
HIGH
Cisco Broadworks Commpilot Application < 23.0 - SSRF
CVSS 8.3
CVE-2022-20791
MEDIUM
Cisco Unified CM - Info Disclosure
CVSS 6.5
CVE-2022-24877
CRITICAL
Fluxcd Flux2 < 0.29.0 - Path Traversal
CVSS 9.9
CVE-2022-1554
HIGH
Clinical-genomics Scout < 4.52 - Path Traversal
CVSS 7.5
CVE-2021-34711
MEDIUM
Cisco IP Conference Phone 7832 Firmware < 14.1\(1\) - Path Traversal
CVSS 5.5
CVE-2021-1618
MEDIUM
Cisco Intersight Virtual Appliance - Absolute Path Traversal
CVSS 6.5
CVE-2021-1617
MEDIUM
Cisco Intersight Virtual Appliance < 1.0.9-292 - Path Traversal
CVSS 6.5
CVE-2021-21586
HIGH
Dell Wyse Management Suite < 3.2 - Path Traversal
CVSS 8.1
CVE-2021-32507
MEDIUM
Qsan Storage Manager < 3.3.3 - Path Traversal
CVSS 6.5
CVE-2021-32506
MEDIUM
Qsan Storage Manager < 3.3.3 - Path Traversal
CVSS 6.5
CVE-2021-30173
MEDIUM
Omni-directional <version> - Local File Inclusion
CVSS 6.5
CVE-2021-1297
HIGH
Cisco Rv160w Wireless-ac VPN Router Firmware - Path Traversal
CVSS 7.5
CVE-2021-1296
HIGH
Cisco Rv160w Wireless-ac VPN Router Firmware - Path Traversal
CVSS 7.5
CVE-2018-20250
HIGH
KEV
WinRAR <5.61 - Path Traversal
CVSS 7.8
CVE-2017-7929
HIGH
Advantech Webaccess < 8.1 - Path Traversal
CVSS 7.1
Details
Vulnerabilities
117