Weaknesses of type CWE-22

4,762 results
CVE-2020-15124CRITICALPath traversal in Goobi viewer CoreEPSS 1.5%CVE-2024-49082MEDIUMWindows File Explorer Information Disclosure VulnerabilityEPSS 1.5%CVE-2021-37317CRITICALDirectory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers toEPSS 1.5%CVE-2024-27081HIGHESPHome remote code execution via arbitrary file writeEPSS 1.5%CVE-2023-34478CRITICALApache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.EPSS 1.5%CVE-2020-15230HIGHArbitrary file read un VaporEPSS 1.5%CVE-2022-34426HIGHDell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries EPSS 1.5%CVE-2019-15596A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within tEPSS 1.5%CVE-2022-1166JobMonster < 4.6.6.1 - Directory Listing in Upload FolderEPSS 1.5%CVE-2020-13377HIGHThe web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attackerEPSS 1.5%CVE-2023-49569CRITICALMaliciously crafted Git server replies can lead to path traversal and RCE on go-git clientsEPSS 1.5%CVE-2026-23482HIGHBlinko: Unauthorized Arbitrary File Read - /api/file/tempEPSS 1.5%CVE-2024-4346CRITICALStartklar Elementor Addons <= 1.7.13 - Unauthenticated Arbitrary File DeletionEPSS 1.5%CVE-2020-36898HIGHQiHang Media Web Digital Signage 3.0.9 Unauthenticated Arbitrary File DeletionEPSS 1.5%CVE-2024-23474HIGHSolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure VulnerabilityEPSS 1.5%CVE-2021-41281HIGHPath traversal in Matrix SynapseEPSS 1.5%CVE-2021-34701MEDIUMCisco Unified Communications Products Path Traversal VulnerabilityEPSS 1.5%CVE-2024-27178HIGHRemote Code ExecutionEPSS 1.5%CVE-2024-27176HIGHRemote Code ExecutionEPSS 1.5%CVE-2024-11239MEDIUMLandray EKP API Interface import.do deleteFile path traversalEPSS 1.5%