41 matches found

Redos
added 2026/05/24 12:00 a.m. · 10 views

ROS-20260524-73-0036

A vulnerability in the zip.vim plugin of the vim text editor is related to an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...

CVSS 7.1 · AI score 6.1 · EPSS 0.00016
Exploits: 0

Redos
added 2026/04/10 12:00 a.m. · 5 views

ROS-20260410-73-0004

A vulnerability in the Node.js software platform involves an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to compromise the system...

CVSS 9.1 · AI score 7.3 · EPSS 0.00016
Exploits: 2

Redos
added 2026/04/10 12:00 a.m. · 4 views

ROS-20260410-73-0005

A vulnerability in the Node.js software platform involves an incorrect restriction of the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to compromise the system...

CVSS 9.1 · AI score 7.3 · EPSS 0.00016
Exploits: 2

Vulnrichment
added 2025/08/20 1:51 p.m. · 2 views

CVE-2025-54927

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attacker uses a crafted path input that is processed by the system...

CVSS 4.9 · AI score 6.7 · EPSS 0.00174
Exploits: 0 · References: 1

BDU FSTEC
added 2025/07/28 12:00 a.m. · 2 views

The vulnerability of the Mattermost instant messaging application, related to an incorrect restriction on the path to the restricted directory, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Mattermost instant messaging application is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

CVSS 9.9 · AI score 5.5 · EPSS 0.59093
Exploits: 1 · References: 2 · Affected Software: 1

BDU FSTEC
added 2025/06/13 12:00 a.m. · 1 view

The vulnerability of the File Upload plugin in the WordPress content management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the File Upload plugin in the WordPress content management system is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data...

CVSS 10 · AI score 8 · EPSS 0.93618
Exploits: 4 · References: 3 · Affected Software: 1

BDU FSTEC
added 2025/05/20 12:00 a.m. · 1 view

The vulnerability of the centralized network management system, Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage), arises from incorrect path name restrictions in the access-restricted directory. This allows attackers to write arbitrary files.

The vulnerability of the centralized network management system, Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage), is related to incorrect restrictions on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to write arbitrary files...

CVSS 6.8 · AI score 5.6 · EPSS 0.01019
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2025/03/13 12:00 a.m. · 1 view

The vulnerability of the DevTools set of tools for web development in Google Chrome allows a hacker to bypass security restrictions.

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser is related to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...

CVSS 9.4 · AI score 6.8 · EPSS 0.00034
Exploits: 0 · References: 6 · Affected Software: 4

BDU FSTEC
added 2025/02/19 12:00 a.m. · 1 view

The vulnerability in the function PLT_FileMediaServerDelegate::ExtractResourcePath() of the file PltHttpServer.cpp in the software development library Platinum UPnP SDK allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the PLT_FileMediaServerDelegate::ExtractResourcePath() function in the PltHttpServer.cpp file of the software development library Platinum UPnP SDK is related to an incorrect limitation on the path name for directories with restricted access. Exploiting this vulnerability coul...

CVSS 7.8 · AI score 6.2 · EPSS 0.00246
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2025/01/19 12:00 a.m. · 1 view

The vulnerability of the editFilePost() function in the Gogs tool for creating self-managed Git repositories allows a hacker to execute arbitrary code.

The vulnerability of the editFilePost function in the Gogs self-managed Git repository creation tool is related to improper restrictions on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9 · AI score 8.2 · EPSS 0.81794
Exploits: 1 · References: 4 · Affected Software: 1

BDU FSTEC
added 2024/12/28 12:00 a.m. · 1 view

The vulnerability of the Nix package manager in Unix operating systems arises from improper restrictions on the path name of the restricted access directory. This allows a malicious user to overwrite any files in the system.

The vulnerability of the Nix package manager in Unix operating systems is related to an improper limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a remote attacker to overwrite any files in the system...

CVSS 9 · AI score 5.5 · EPSS 0.00449
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2024/12/23 12:00 a.m. · 1 view

The vulnerability of the PT Application Inspector software for detecting vulnerabilities and errors arises from an incorrect limitation on the path to the restricted access directory. This allows attackers to escalate their privileges.

The vulnerability of the application software’s interface for detecting vulnerabilities and errors in PT Application Inspector exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to enhance their...

CVSS 8.2 · AI score 5.5
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/12/20 12:00 a.m. · 2 views

The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM allows an attacker to execute arbitrary code.

The vulnerability of the imagename handler in the CGI script /ems/cgi-bin/ezrf-lighttpd.cgi of the graphical interface for managing WLAN access points and LAN switches in Fortinet FortiWLM is related to an incorrect limitation on the path name to the restricted directory. Exploiting this...

CVSS 10 · AI score 8.5 · EPSS 0.72874
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2024/05/20 12:00 a.m. · 0 views

The vulnerability of the distributed Git version control system arises from an incorrect limitation on the path name for the restricted access directory, allowing a violator to execute arbitrary code.

The vulnerability of the distributed Git version control system is related to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code...

CVSS 9 · EPSS 0.82951
Exploits: 32 · References: 11 · Affected Software: 5

Positive Technologies
added 2024/02/29 12:00 a.m. · 1 view

PT-2024-5114 · SolarWinds · SolarWinds Access Rights Manager

Name of the Vulnerable Software and Affected Versions: SolarWinds Access Rights Manager, affected versions not specified.
Description: The issue is related to the deleteTransferFile method in SolarWinds Access Rights Manager, which is vulnerable due to incorrect restriction of the directory path na...

CVSS 8.3 · AI score 7.2 · EPSS 0.00351
Exploits: 0 · References: 8

BDU FSTEC
added 2023/10/25 12:00 a.m. · 1 view

The vulnerability of the SolarWinds Access Rights Manager software lies in the incorrect restriction of the path name to the restricted directory. This allows a violator to execute arbitrary code.

The vulnerability of the SolarWinds Access Rights Manager software relates to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code...

CVSS 8.8 · EPSS 0.02021
Exploits: 0 · References: 5 · Affected Software: 1

BDU FSTEC
added 2023/10/20 12:00 a.m. · 2 views

The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in the improper limitation of the path name for the restricted access directory. This allows a perpetrator to obtain an arbitrary file size from the file system.

The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in improper restrictions on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain an arbitrary file size from the file system using the FTP SIZ...

CVSS 4.3 · EPSS 0.00371
Exploits: 3 · References: 4 · Affected Software: 2

BDU FSTEC
added 2023/10/17 12:00 a.m. · 1 view

The vulnerability lies in the implementation of OPC UA software methods for connection integration with the Softing OPC UA C++ SDK, as well as the Secure Integration Server data integration tool. This allows attackers to execute arbitrary code.

The vulnerability of the implementation of OPC UA software for connectivity integration with Softing OPC UA C++ SDK lies in the incorrect path name limitation for accessing the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 7.7
Exploits: 0 · References: 4 · Affected Software: 2

BDU FSTEC
added 2023/09/11 12:00 a.m. · 1 view

The vulnerability of the Fusion File Manager component in the PHP-Fusion CMS system allows a hacker to gain access to read and modify files.

The vulnerability of the Fusion File Manager component of the PHP-Fusion CMS is related to an incorrect limitation on the path name of the restricted directory. Exploiting this vulnerability allows a malicious actor to gain access to and modify files through a specially crafted HTTP request...

CVSS 6.8 · EPSS 0.00208
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2023/08/28 12:00 a.m. · 1 view

The vulnerability of the Node.js software platform, related to incorrect restrictions on path names for directories with restricted access, allows attackers to compromise the integrity of protected information.

The vulnerability of the Node.js software platform is related to incorrect restrictions on the path name of the restricted access directory. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information from a remote location...

CVSS 7.8 · EPSS 0.00012
Exploits: 0 · References: 4 · Affected Software: 1