Weaknesses of type CWE-22

4,856 results
CVE-2021-29088HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) beforeEPSS 0.3%CVE-2026-5203MEDIUMCMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversalEPSS 0.3%CVE-2026-41412MEDIUMalf.io vulnerable to Arbitrary File Read and Exfil via simpleHttpClient Extension ScriptEPSS 0.3%CVE-2026-54591HIGHAsyncSSH: SCP Path Traversal to Arbitrary File WriteEPSS 0.3%CVE-2024-6971LOWPath Traversal in parisneo/lollms-webuiEPSS 0.3%CVE-2026-45569HIGHRoxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)EPSS 0.3%CVE-2026-59832HIGHSiYuan: Authenticated path traversal in /snippets/ static handler (serveSnippets) leaks conf/conf.json secrets and siyuan.dbEPSS 0.3%CVE-2025-58355HIGHSoft Serve is vulnerable to arbitrary file writing through its SSH APIEPSS 0.3%CVE-2026-2500MEDIUMQuick Playground <= 1.3.4 - Authenticated (Administrator+) Arbitrary File Read via 'filename' ParameterEPSS 0.3%CVE-2026-42028MEDIUMnovaGallery: Unauthenticated Path Traversal in Album and Cached Image Routes Allows Reading Images Outside Gallery RootEPSS 0.3%CVE-2026-4619MEDIUMPath Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.EPSS 0.3%CVE-2026-39307HIGHPraisonAI has an Arbitrary File Write (Zip Slip) in Templates ExtractionEPSS 0.3%CVE-2026-55631HIGHDataEase: Path Traversal Leading to Arbitrary File Deletion via Font ManagementEPSS 0.3%CVE-2026-42867MEDIUMLangflow: Path Traversal in Knowledge Bases API via Creation EndpointEPSS 0.3%CVE-2022-28543MEDIUMPath traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permisEPSS 0.3%CVE-2026-41894HIGHSiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` EndpointEPSS 0.3%CVE-2026-49742HIGHTYPO3 CMS - Broken Access Control in Media ModuleEPSS 0.3%CVE-2021-1436MEDIUMCisco IOS XE SD-WAN Software Path Traversal VulnerabilityEPSS 0.3%CVE-2025-69226MEDIUMAIOHTTP allows for a brute-force leak of internal static filepath componentsEPSS 0.3%CVE-2025-2830MEDIUMInformation Disclosure of /tmp directory listingEPSS 0.3%