Weaknesses of type CWE-22
4,746 resultsCVE-2022-2463MEDIUMISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22EPSS 2.6%CVE-2020-3440MEDIUMCisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite VulnerabilityEPSS 2.6%CVE-2023-27648CRITICALDirectory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary cEPSS 2.6%CVE-2026-29059MEDIUMWindmill: SUPERADMIN_SECRET (rarely used) can be accessed publiclyEPSS 2.6%CVE-2020-10696HIGHA path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a maliciousEPSS 2.6%CVE-2024-45436CRITICALextractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.EPSS 2.6%CVE-2022-40701MEDIUMA directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A speciallyEPSS 2.6%CVE-2019-5484—Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackeEPSS 2.6%CVE-2020-37088HIGHSchool ERP Pro 1.0 - Arbitrary File ReadEPSS 2.6%CVE-2022-20719MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 2.6%CVE-2018-7503—In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prioEPSS 2.6%CVE-2018-19003—GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All veEPSS 2.6%CVE-2024-36527MEDIUMpuppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol EPSS 2.6%CVE-2022-21675CRITICALBytecode Viewer v2.10.x Zip SlipEPSS 2.5%CVE-2024-23466CRITICALSolarWinds Access Rights Manager Directory Traversal Remote Code Execution VulnerabilityEPSS 2.5%CVE-2018-1002207—mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to wrEPSS 2.5%CVE-2020-14352—A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in reEPSS 2.5%CVE-2017-6629—A vulnerability in the ImageID parameter of Cisco Unity Connection 10.5(2) could allow an unauthenticated, remote attacker to access files iEPSS 2.5%CVE-2019-15600—A Path traversal exists in http_server which allows an attacker to read arbitrary system files.EPSS 2.5%CVE-2020-36939HIGHCassandra Web 0.5.0 - Remote File ReadEPSS 2.5%