Weaknesses of type CWE-22

4,809 results
CVE-2025-27409HIGHJoplin Server Vulnerable to Path TraversalEPSS 0.5%CVE-2026-33466HIGHImproper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File WriteEPSS 0.5%CVE-2024-44014CRITICALWordPress Vmax Project Manager plugin <= 1.0 - Local File Inclusion to RCE vulnerabilityEPSS 0.5%CVE-2025-27085MEDIUMArbitrary File Download Vulnerabilities in Web-Based Management Interface of AOS-10 GW and AOS-8 Controller/Mobility ConductorEPSS 0.5%CVE-2024-49286CRITICALWordPress SSV Events plugin <= 3.2.7 - Local File Inclusion to RCE vulnerabilityEPSS 0.5%CVE-2024-41792CRITICALA vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices contains a patEPSS 0.5%CVE-2026-45171HIGHIdira Privileged Session Manager (PSM): Potential Code Execution due to an Incomplete Input ValidationEPSS 0.5%CVE-2023-47222CRITICALMedia Streaming add-onEPSS 0.5%CVE-2026-2683MEDIUMTsinghua Unigroup Electronic Archives System downLoad.html path traversalEPSS 0.5%CVE-2019-25256HIGHVideoFlow Digital Video Protection DVP 2.10 Authenticated Directory TraversalEPSS 0.5%CVE-2021-27278HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker muEPSS 0.5%CVE-2026-42200HIGHCoolify: PostgreSQL Init Script Path Traversal Leads to Arbitrary File Write and Root RCEEPSS 0.5%CVE-2026-41448CRITICALAdGuard Home Authentication Bypass via Path Traversal in Admin-Token CookieEPSS 0.5%CVE-2025-41758HIGHArbitrary Write with wwwupload.cgiEPSS 0.5%CVE-2024-34551CRITICALWordPress Stockholm theme <= 9.6 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-35677CRITICALWordPress MegaMenu plugin <= 2.3.12 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-41757HIGHArbitrary Write with ubr-restoreEPSS 0.5%CVE-2025-54293HIGHPath Traversal in LXD Instance Log File RetrievalEPSS 0.5%CVE-2026-41465HIGHProjeQtor < 12.4.4 Path Traversal via dynamicDialog.phpEPSS 0.5%CVE-2023-3675MEDIUMInsufficient input validation when downloading certain file types.EPSS 0.5%