Weaknesses of type CWE-22

4,803 results
CVE-2024-51127CRITICALAn issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.EPSS 0.7%CVE-2025-8480HIGHAlpine iLX-507 Command Injection Remote Code ExecutionEPSS 0.7%CVE-2026-30976HIGHSonarr Path Traversal vulnerabilityEPSS 0.7%CVE-2024-10707MEDIUMLocal File Inclusion in gaizhenbiao/chuanhuchatgptEPSS 0.7%CVE-2022-4031LOWSimple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File ModificationEPSS 0.7%CVE-2025-7628MEDIUMYiJiuSmile kkFileViewOfficeEdit deleteFile path traversalEPSS 0.7%CVE-2024-52481HIGHWordPress Jobify theme < 4.3.0 - Unauthenticated Arbitrary File Read vulnerabilityEPSS 0.7%CVE-2024-35162MEDIUMPath traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploiteEPSS 0.7%CVE-2021-27771HIGHHCL Sametime is susceptible a file transfer service vulnerabilityEPSS 0.7%CVE-2025-26534HIGHWordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2025-25243HIGHPath traversal vulnerability in SAP Supplier Relationship Management (Master Data Management Catalog)EPSS 0.7%CVE-2025-26540HIGHWordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2024-45175HIGHAn issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is stored in cleartext. It was found out that EPSS 0.7%CVE-2022-45921HIGHFusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an aEPSS 0.7%CVE-2023-2336MEDIUMPath Traversal in pimcore/pimcoreEPSS 0.7%CVE-2024-24311HIGHPath Traversal vulnerability in Linea Grafica "Multilingual and Multistore Sitemap Pro - SEO" (lgsitemaps) module for PrestaShop before versEPSS 0.7%CVE-2024-41704CRITICALLibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images.EPSS 0.7%CVE-2024-32024MEDIUMKohya_ss vulenrable to path injection in `common_gui.py` `add_pre_postfix` function (`GHSL-2024-023`)EPSS 0.7%CVE-2025-4912MEDIUMSourceCodester Student Result Management System Image File update_student.php path traversalEPSS 0.7%CVE-2026-22860HIGHRack has a Directory Traversal via Rack:DirectoryEPSS 0.7%