Weaknesses of type CWE-22

4,856 results
CVE-2023-24592HIGHPath traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentiallyEPSS 0.3%CVE-2026-41691MEDIUMi18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/nsEPSS 0.3%CVE-2024-27827MEDIUMThis issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be abEPSS 0.3%CVE-2021-36286HIGHDell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability thaEPSS 0.3%CVE-2026-12568MEDIUMArbitrary File Write in postman_download moduleEPSS 0.3%CVE-2026-4858HIGHPath traversal in integration action URL leading to arbitrary API execution via system admin’s auth token.EPSS 0.2%CVE-2024-44190MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7EPSS 0.2%CVE-2026-32310MEDIUMCryptomator: Unverified masterkeyfile key IDs can access arbitrary local or UNC pathsEPSS 0.2%CVE-2026-7085LOWHBAI-Ltd Toonflow-app downloadApp Endpoint downloadApp.ts z.url path traversalEPSS 0.2%CVE-2026-9062LOWAgile Store Locator < 1.6.9 - Admin+ Arbitrary File Read via Path TraversalEPSS 0.2%CVE-2026-34447MEDIUMONNX: External Data Symlink TraversalEPSS 0.2%CVE-2025-43191MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura EPSS 0.2%CVE-2025-54559LOWAn issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for lEPSS 0.2%CVE-2022-3560MEDIUMA flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script tEPSS 0.2%CVE-2025-55214MEDIUMCopier safe template has filesystem write access outside destination pathEPSS 0.2%CVE-2026-24131MEDIUMpnpm has Path Traversal via arbitrary file permission modificationEPSS 0.2%CVE-2026-20613HIGHThe ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extractEPSS 0.2%CVE-2026-54014MEDIUMOpen WebUI: Sibling-Prefix Path Traversal via /cache/{path} in open-webui/open-webuiEPSS 0.2%CVE-2024-0129MEDIUMNVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extractioEPSS 0.2%CVE-2025-10406MEDIUMBlindMatrix e-Commerce < 3.1 - Contributor+ LFIEPSS 0.2%