Weaknesses of type CWE-22

4,804 results
CVE-2025-69770CRITICALA zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commandEPSS 0.6%CVE-2026-58166HIGHOpenBMB ChatDev - Unauthenticated Path Traversal in Upload Handler Allows Arbitrary File Write and DeleteEPSS 0.6%CVE-2026-54223HIGHRemote Code Execution via arbitrary file read and write in UBB.threadsEPSS 0.6%CVE-2023-37932MEDIUMAn improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0EPSS 0.6%CVE-2022-47506HIGHSolarWinds Platform Directory Traversal VulnerabilityEPSS 0.6%CVE-2024-54453HIGHAn issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversaEPSS 0.6%CVE-2025-29846HIGHA vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages.EPSS 0.6%CVE-2025-12003HIGHA path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of thEPSS 0.6%CVE-2024-24908MEDIUMDell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker witEPSS 0.6%CVE-2026-40521HIGHFrontAccounting < 2.4.20 Path Traversal RCE via attachment uploadEPSS 0.6%CVE-2025-4545MEDIUMCTCMS Content Management System File Tpl.php del path traversalEPSS 0.6%CVE-2025-54347CRITICALA Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows EPSS 0.6%CVE-2025-13261MEDIUMlsfusion platform DownloadFileRequestHandler.java DownloadFileRequestHandler path traversalEPSS 0.6%CVE-2026-45230HIGHDumbAssets 1.0.11 Path Traversal File Deletion via /api/delete-fileEPSS 0.6%CVE-2026-50203CRITICALApache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory allows local file write outside the destination directory via malicious server-supplied directory-entry namesEPSS 0.6%CVE-2025-26616CRITICALPath Traversal endpoint 'exportar_dump.php' parameter 'file' in WeGIAEPSS 0.6%CVE-2026-42249HIGHRemote Code Execution in Ollama via Update MechanismEPSS 0.6%CVE-2025-9118CRITICALDataform Path TraversalEPSS 0.6%CVE-2025-54963MEDIUMAn issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact with the GXP Job Service may submit a crafEPSS 0.6%CVE-2023-49058LOWDirectory Traversal vulnerability in SAP Master Data GovernanceEPSS 0.6%