Weaknesses of type CWE-22
4,849 resultsCVE-2024-0067MEDIUMMarinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allEPSS 0.4%CVE-2024-6044MEDIUMD-Link router - Arbitrary File ReadingEPSS 0.4%CVE-2025-6233MEDIUMArbitrary file read by system admin via path traversalEPSS 0.4%CVE-2025-53358MEDIUMkotaemon Vulnerable to Path Traversal via Link UploadEPSS 0.4%CVE-2025-8023MEDIUMPath Traversal in Template Upload Allows Uploading Files Outside Target DirectoryEPSS 0.4%CVE-2026-10094CRITICALPath Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026EPSS 0.4%CVE-2026-53777HIGHPerry < 0.5.1159 Path Traversal via ArtifactReady WebSocketEPSS 0.4%CVE-2025-40889HIGHPath traversal in Time Machine functionality in Guardian/CMC before 25.2.0EPSS 0.4%CVE-2026-40157CRITICALPraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack`EPSS 0.4%CVE-2026-58451HIGHHorde IMP < 7.0.1 Path Traversal via Compose.php img srcEPSS 0.4%CVE-2025-52450MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux EPSS 0.4%CVE-2025-8559MEDIUMAll in One Music Player <= 1.3.1 - Authenticated (Contributor+) Path Traversal via theme ParameterEPSS 0.4%CVE-2023-30584HIGHA vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improEPSS 0.4%CVE-2026-0669HIGHPath Traversal vulnerability in CSS extension on certain web serversEPSS 0.4%CVE-2023-31167MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.4%CVE-2025-35053MEDIUMNewforma Info Exchange (NIX) arbitrary file read and deleteEPSS 0.4%CVE-2025-60915HIGHAn issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execEPSS 0.4%CVE-2026-54293HIGHNLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File ReadEPSS 0.4%CVE-2024-43395HIGHCraftOS-PC 2's improperly sanitizied paths cause filesystem escape (Windows)EPSS 0.4%CVE-2025-48017CRITICALImproper Limitation of a Pathname to a Restricted DirectoryEPSS 0.4%