CVE-2017-1000170 CVSS:0.0
jqueryFileTree 2.1.5 and older Directory Traversal (Last Update:2017-11-17) (Publish Update:2017-11-17)
CVE-2017-1000062 CVSS:5.0
kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution (Last Update:2017-07-19) (Publish Update:2017-07-17)
CVE-2017-1000047 CVSS:7.5
rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution (Last Update:2017-07-21) (Publish Update:2017-07-17)
CVE-2017-1000028 CVSS:5.0
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request. (Last Update:2017-07-21) (Publish Update:2017-07-17)
CVE-2017-1000026 CVSS:5.0
Chef Software's mixlib-archive versions 0.3.0 and older are vulnerable to a directory traversal attack allowing attackers to overwrite arbitrary files by using ".." in tar archive entries (Last Update:2017-07-21) (Publish Update:2017-07-17)
CVE-2017-1000002 CVSS:7.5
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in information disclosure. (Last Update:2017-07-27) (Publish Update:2017-07-17)
CVE-2017-16903 CVSS:0.0
LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php. (Last Update:2017-11-20) (Publish Update:2017-11-20)
CVE-2017-16877 CVSS:0.0
ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information. (Last Update:2017-11-17) (Publish Update:2017-11-17)
CVE-2017-16806 CVSS:0.0
The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before allows HTTP server directory traversal. (Last Update:2017-11-15) (Publish Update:2017-11-13)
CVE-2017-16762 CVSS:0.0
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring. (Last Update:2017-11-10) (Publish Update:2017-11-10)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by