Weaknesses of type CWE-22

4,856 results
CVE-2024-10933MEDIUMOpenBSD readdir directory traversalEPSS 0.3%CVE-2025-10559HIGHPath Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025xEPSS 0.3%CVE-2020-36970MEDIUMPMB 5.6 - 'chemin' Local File DisclosureEPSS 0.3%CVE-2025-42894MEDIUMPath Traversal vulnerability in SAP Business ConnectorEPSS 0.3%CVE-2025-67720MEDIUMPyrofork has a Path Traversal in download_media MethodEPSS 0.3%CVE-2026-50015HIGHpnpm: Arbitrary File Write/Delete via Malicious Patch File (Path Traversal)EPSS 0.3%CVE-2026-57961MEDIUMphpMyFAQ - Authenticated Path Traversal in PDF Export via concatenatePaths FunctionEPSS 0.3%CVE-2026-49340HIGHgonic has arbitrary file write in createPlaylist: any authenticated user can write playlist M3U content to attacker-controlled path on the hostEPSS 0.3%CVE-2026-55668MEDIUMFile Browser: ScopedFs follows a dangling symlink on write, letting a scoped user create files outside their scopeEPSS 0.3%CVE-2025-27726LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage EPSS 0.3%CVE-2025-48395MEDIUMAn attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limitedEPSS 0.3%CVE-2023-52623MEDIUMSUNRPC: Fix a suspicious RCU usage warningEPSS 0.3%CVE-2026-48768CRITICALTypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileNameEPSS 0.3%CVE-2026-55700HIGHpnpm: stage download writes outside destination via manifest version traversalEPSS 0.3%CVE-2025-63680HIGHNero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecEPSS 0.3%CVE-2026-30240CRITICALBudibase PWA ZIP Upload Path Traversal Allows Reading Arbitrary Server Files Including All Environment SecretsEPSS 0.3%CVE-2022-2464HIGHISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22EPSS 0.3%CVE-2025-12757MEDIUMAn AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.EPSS 0.3%CVE-2026-39377MEDIUMnbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment FilenamesEPSS 0.3%CVE-2025-22238MEDIUMCVE-2025-22238 salt advisoryEPSS 0.3%