Weaknesses of type CWE-22

4,856 results
CVE-2024-23216MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS VenturaEPSS 0.3%CVE-2026-49991HIGHRustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injectionEPSS 0.3%CVE-2026-49342MEDIUMYARD static cache reads raw traversal paths before router sanitizationEPSS 0.3%CVE-2023-2270HIGHLocal privilege escalationEPSS 0.3%CVE-2026-2818HIGHZip Slip Path Traversal in Snapshot Archive Extraction (Windows-Specific)EPSS 0.3%CVE-2025-14965MEDIUM1541492390c yougou-mall ResourceController.java delete path traversalEPSS 0.3%CVE-2025-61641LOWAPI list=allpages with maxsize is making really slow queriesEPSS 0.3%CVE-2020-36970MEDIUMPMB 5.6 - 'chemin' Local File DisclosureEPSS 0.3%CVE-2024-10933MEDIUMOpenBSD readdir directory traversalEPSS 0.3%CVE-2025-67720MEDIUMPyrofork has a Path Traversal in download_media MethodEPSS 0.3%CVE-2025-10559HIGHPath Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025xEPSS 0.3%CVE-2025-42894MEDIUMPath Traversal vulnerability in SAP Business ConnectorEPSS 0.3%CVE-2023-52953MEDIUMPath traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confEPSS 0.3%CVE-2026-50015HIGHpnpm: Arbitrary File Write/Delete via Malicious Patch File (Path Traversal)EPSS 0.3%CVE-2026-55668MEDIUMFile Browser: ScopedFs follows a dangling symlink on write, letting a scoped user create files outside their scopeEPSS 0.3%CVE-2026-49340HIGHgonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the hostEPSS 0.3%CVE-2025-48395MEDIUMAn attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limitedEPSS 0.3%CVE-2026-48768CRITICALTypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileNameEPSS 0.3%CVE-2025-27726LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage EPSS 0.3%CVE-2023-52623MEDIUMSUNRPC: Fix a suspicious RCU usage warningEPSS 0.3%