Weaknesses of type CWE-22

4,771 results
CVE-2022-20822HIGHCisco Identity Services Engine Unauthorized File Access VulnerabilityEPSS 1.2%CVE-2021-41150HIGHImproper sanitization of delegated role names in toughEPSS 1.2%CVE-2023-38346HIGHAn issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processEPSS 1.2%CVE-2024-39332CRITICALWebswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote code execuEPSS 1.2%CVE-2025-0401MEDIUM1902756969 reggie CommonController.java download path traversalEPSS 1.2%CVE-2024-5154HIGHCri-o: malicious container can create symlink on hostEPSS 1.2%CVE-2024-4442CRITICALSalon booking system <= 9.9 - Unauthenticated Arbitrary File DeletionEPSS 1.2%CVE-2024-1358HIGHElementor Addon Elements <= 1.12.12 - Directory Traversal to Local File InclusionEPSS 1.2%CVE-2021-40358CRITICALA vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 VEPSS 1.2%CVE-2024-21852HIGHRapid SCADA Path TraversalEPSS 1.2%CVE-2021-0231MEDIUMJunos OS: SRX, vSRX Series: J-Web Path traversal vulnerability in SRX and vSRX Series leads to information disclosure.EPSS 1.2%CVE-2025-2505CRITICALAge Gate <= 3.5.3 - Unauthenticated Local PHP File Inclusion via 'lang'EPSS 1.2%CVE-2023-23314HIGHAn arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted EPSS 1.2%CVE-2025-6806HIGHMarvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write VulnerabilityEPSS 1.2%CVE-2025-6801HIGHMarvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write VulnerabilityEPSS 1.2%CVE-2022-39037HIGHFLOWRING Agentflow BPM - Path TraversalEPSS 1.2%CVE-2023-32767HIGHThe web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. directoryEPSS 1.2%CVE-2023-30380HIGHAn issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal.EPSS 1.2%CVE-2025-53793HIGHAzure Stack Hub Information Disclosure VulnerabilityEPSS 1.2%CVE-2025-29660CRITICALA vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks EPSS 1.2%