CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3333

3333 vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2020-1631	Out of Cycle Security Advisory: Junos OS: Security vulnerability in J-Web and web based (HTTP/HTTPS) services — Junos OS	8.8	High	2020-05-04
CVE-2020-10691	Ansible 路径遍历漏洞 — Ansible	5.2	Medium	2020-04-30
CVE-2019-19102	Zip Slip vulnerability in 3rd-Party library in B&R Automation Studio upgrade service — Automation Studio	5.5	Medium	2020-04-29
CVE-2020-3177	Cisco Unified Communications Manager Path Traversal Vulnerability — Cisco Unified Communications Manager	7.5	-	2020-04-15
CVE-2020-6974	Honeywell Notifier Web Server 路径遍历漏洞 — Honeywell Notifier Web Server (NWS)	9.8	-	2020-04-07
CVE-2020-8144	Ubiquiti Networks UniFi Video Controller 路径遍历漏洞 — UniFi Video Controller (for Windows 7/8/10 x64)	8.4	-	2020-04-01
CVE-2020-10696	Buildah 路径遍历漏洞 — buildah	8.8	High	2020-03-31
CVE-2020-7478	Schneider Electric Interactive Graphical SCADA System 路径遍历漏洞 — IGSS (Interactive Graphical SCADA System) (IGSS Version prior to 14.0.0.20009)	7.5	-	2020-03-23
CVE-2020-1735	Ansible 路径遍历漏洞 — ansible	4.2	Medium	2020-03-16
CVE-2019-19290	Siemens SiNVR 3 Central Control Server和SiNVR 3 Video Server 路径遍历漏洞 — Control Center Server (CCS)	6.5	Medium	2020-03-10
CVE-2019-19296	Siemens SiNVR 3 Central Control Server 路径遍历漏洞 — SiNVR/SiVMS Video Server	6.8	Medium	2020-03-10
CVE-2019-19297	Siemens SiNVR 3 Central Control Server和SiNVR 3 Video Server 路径遍历漏洞 — SiNVR/SiVMS Video Server	7.5	High	2020-03-10
CVE-2020-1737	Ansible 路径遍历漏洞 — Ansible	7.5	High	2020-03-09
CVE-2019-3696	pcp: Local privilege escalation from user pcp to root through migrate_tempdirs — SUSE Linux Enterprise High Performance Computing 15-ESPOS	8.4	High	2020-03-03
CVE-2019-7007	Avaya Equinox Conferencing Management (iView) Directory Traversal Vulnerability — Equinox Conferencing Management (iView)	7.5	High	2020-02-28
CVE-2020-8131	Yarn 路径遍历漏洞 — yarn	8.8	-	2020-02-24
CVE-2020-6768	Path Traversal in Bosch Video Management System (BVMS) — DIVAR IP 3000	8.6	High	2020-02-07
CVE-2020-5720	MikroTik WinBox 路径遍历漏洞 — MikroTik WinBox	5.9	-	2020-02-06
CVE-2020-6767	Path Traversal in Bosch Video Management System (BVMS) — DIVAR IP 3000	7.7	High	2020-02-06
CVE-2020-5221	Directory Traversal (Chroot Escape) vulnerability in uftpd — uftpd	6.5	Medium	2020-01-22
CVE-2019-10934	Siemens TIA Portal 路径遍历漏洞 — TIA Portal V14	7.8	-	2020-01-16
CVE-2020-1606	Junos OS: Path traversal vulnerability in J-Web — Junos OS	5.4	Medium	2020-01-15
CVE-2019-15980	Cisco Data Center Network Manager Path Traversal Vulnerabilities — Cisco Data Center Network Manager	7.2	-	2020-01-06
CVE-2019-15981	Cisco Data Center Network Manager Path Traversal Vulnerabilities — Cisco Data Center Network Manager	7.2	-	2020-01-06
CVE-2019-15982	Cisco Data Center Network Manager Path Traversal Vulnerabilities — Cisco Data Center Network Manager	7.2	-	2020-01-06
CVE-2019-7483	SonicWall SMA100 路径遍历漏洞 — SMA100	7.5	-	2019-12-19
CVE-2019-15596	statics-server 路径遍历漏洞 — statics-server	7.5	-	2019-12-18
CVE-2019-15600	http_server 路径遍历漏洞 — http_server	7.5	-	2019-12-18
CVE-2019-16777	Arbitrary File Overwrite in npm CLI — cli	7.7	High	2019-12-13
CVE-2019-16776	Unauthorized File Access in npm CLI before before version 6.13.3 — cli	7.7	High	2019-12-13

Vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)) represent 3333 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3333