Weaknesses of type CWE-22

4,856 results
CVE-2026-27115HIGHADB Explorer is Vulnerable to Arbitrary Directory Deletion via Command-Line ArgumentEPSS 0.2%CVE-2022-40976MEDIUMPILZ: Multiple products affected by ZipSlipEPSS 0.2%CVE-2023-41780MEDIUMUnsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAIEPSS 0.2%CVE-2025-69620MEDIUMA path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage.EPSS 0.2%CVE-2026-40923MEDIUMTekton Pipelines: VolumeMount path restriction bypass via missing filepath.Clean in /tekton/ checkEPSS 0.2%CVE-2022-42287MEDIUMNVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can upload and download arbitrary files under certain circEPSS 0.2%CVE-2026-29064HIGHZarf: Symlink targets in archives are not validated against destination directoryEPSS 0.2%CVE-2026-28816MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe EPSS 0.2%CVE-2023-40383LOWA path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sEPSS 0.2%CVE-2023-40439LOWA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS VEPSS 0.2%CVE-2026-6940MEDIUMradare2 < 6.1.4 Project Deletion Path Traversal Directory DeletionEPSS 0.2%CVE-2021-27798privileged directory transversal.in Brocade Fabric OS versions 7.4.1.x and 7.3.xEPSS 0.2%CVE-2024-31587MEDIUMSecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower allows an unauthenticated attacker to download device configuration files via a EPSS 0.2%CVE-2023-21456CRITICALPath traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uEPSS 0.2%CVE-2026-8736LOWOinone Pamirs RestController LocalFileClient.java request.getParameter path traversalEPSS 0.2%CVE-2026-8662LOWPath Traversal in Rapid7 InsightConnect Compression PluginEPSS 0.2%CVE-2026-48776MEDIUMLangGraph SDK has unsafe URL path constructionEPSS 0.2%CVE-2022-39858HIGHPath traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FacEPSS 0.2%CVE-2026-52755HIGHGhidra < 12.0.4 - Path Traversal via Zip Slip in Theme ImportEPSS 0.2%CVE-2026-52752HIGHGhidra < 12.0.2 - Path Traversal in Extension Installer via ZIP Entry NamesEPSS 0.2%