Weaknesses of type CWE-22
4,723 resultsCVE-2026-42600MEDIUMMinIO: Path Traversal via msgpack Body in `ReadMultiple` Storage-REST EndpointEPSS 8.5%CVE-2020-3143HIGHCisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Path Traversal VulnerabilityEPSS 8.5%CVE-2017-9640—A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScEPSS 8.5%CVE-2017-20212HIGHFLIR Thermal Camera F/FC/PT/D 8.0.0.64 Information Disclosure via File ReadingEPSS 8.3%CVE-2024-40348HIGHAn issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal.EPSS 8.3%CVE-2024-31848CRITICALA path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, whicEPSS 8.2%CVE-2023-43662HIGHArbitrary file read vulnerability in Shoko ServerEPSS 8.1%CVE-2018-17899—LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.EPSS 8.1%CVE-2022-24900CRITICALAbsolute Path Traversal due to incorrect use of `send_file` call in Piano LED VisualizerEPSS 8.0%CVE-2026-33497HIGHLangflow: /profile_pictures/{folder_name}/{file_name} endpoint file readingEPSS 8.0%CVE-2024-41922HIGHA directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP reqEPSS 8.0%CVE-2021-1435MEDIUMCisco IOS XE Software Web UI Command Injection VulnerabilityEPSS 7.9%CVE-2026-24479CRITICALHUSTOJ has Arbitrary File Write (Zip Slip) in Problem Import Modules that leads to RCEEPSS 7.9%CVE-2024-23477HIGHSolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution VulnerabilityEPSS 7.8%CVE-2025-68143MEDIUMmcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locationsEPSS 7.8%CVE-2021-27825HIGHA directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.EPSS 7.8%CVE-2021-32803HIGHArbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoningEPSS 7.8%CVE-2020-16245—Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker tEPSS 7.7%CVE-2023-25289HIGHDirectory Traversal vulnerability in virtualreception Digital Receptie version win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 in embedded web seEPSS 7.7%CVE-2026-20262MEDIUMCisco Catalyst SD-WAN Manager Arbitrary File Write VulnerabilityEPSS 7.7%KEV