Weaknesses of type CWE-22

4,828 results
CVE-2025-65815MEDIUMA lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a dirEPSS 0.5%CVE-2026-27734MEDIUMBeszel Vulnerable to Docker API Path Traversal via Unsanitized Container IDEPSS 0.5%CVE-2025-65814MEDIUMA lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word v6.4.1 allows attackers to execute a direcEPSS 0.5%CVE-2024-43281MEDIUMWordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-67442HIGHEVE-NG 6.4.0-13-PRO is vulnerable to Directory Traversal. The /api/export interface allows authenticated users to export lab files. This intEPSS 0.5%CVE-2025-26779MEDIUMWordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerabilityEPSS 0.5%CVE-2024-2210MEDIUMThe Plus Addons for Elementor <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Team Member ListingEPSS 0.5%CVE-2025-3355HIGHIBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operationsEPSS 0.5%CVE-2021-41103MEDIUMInsufficiently restricted permissions on plugin directoriesEPSS 0.5%CVE-2025-11233MEDIUMRust standard library didn't detect all path separators on CygwinEPSS 0.5%CVE-2026-46703CRITICALBoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the HostEPSS 0.5%CVE-2026-40383HIGHJoomla! Core - [20260509] - LFI in HTMLView layout parameterEPSS 0.5%CVE-2026-26321HIGHOpenClaw has a local file disclosure via sendMediaFeishu in Feishu extensionEPSS 0.5%CVE-2025-66295HIGHGrav vulnerable to Path traversal / arbitrary YAML write via user creation leading to Account Takeover / System CorruptionEPSS 0.5%CVE-2025-6853MEDIUMchatchat-space Langchain-Chatchat Backend upload_temp_docs path traversalEPSS 0.5%CVE-2025-64765MEDIUMAstro middleware authentication checks based on url.pathname can be bypassed via url encoded valuesEPSS 0.5%CVE-2024-47645HIGHWordPress WPOptin plugin <= 2.0.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-45027MEDIUMQTS, QuTS hero, QuTScloudEPSS 0.5%CVE-2024-45074MEDIUMIBM webMethods Integration directory traversalEPSS 0.5%CVE-2026-54403HIGHA malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypasEPSS 0.5%