Weaknesses of type CWE-22

4,776 results
CVE-2022-33165MEDIUMIBM Security Directory Server information disclosureEPSS 1.2%CVE-2020-15182HIGHCross-site Request Forgery leading to RCE in SOY CMSEPSS 1.2%CVE-2024-5187HIGHArbitrary File Overwrite in download_model_with_test_data in onnx/onnxEPSS 1.2%CVE-2023-25265HIGHDocmosis Tornado <= 2.9.4 is vulnerable to Directory Traversal leading to the disclosure of arbitrary content on the file system.EPSS 1.2%CVE-2024-42501HIGHAuthenticated Path Traversal Vulnerability Leads to a Remote Command Execution (RCE)EPSS 1.2%CVE-2023-32137MEDIUMD-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure VulnerabilityEPSS 1.2%CVE-2023-24057HIGHHL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal fEPSS 1.2%CVE-2022-27618MEDIUMImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Storage AnalyzeEPSS 1.2%CVE-2012-10061HIGHSockso Music Host Server <= 1.5 Path TraversalEPSS 1.2%CVE-2021-3874MEDIUMPath Traversal in bookstackapp/bookstackEPSS 1.2%CVE-2020-5221MEDIUMDirectory Traversal (Chroot Escape) vulnerability in uftpdEPSS 1.2%CVE-2021-32981HIGHAVEVA System Platform Path TraversalEPSS 1.2%CVE-2022-34126HIGHThe Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.EPSS 1.2%CVE-2026-33001HIGHJenkins 2.554 and earlier, LTS 2.541.2 and earlier does not safely handle symbolic links during the extraction of .tar and .tar.gz archives,EPSS 1.2%CVE-2024-23671HIGHA improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.3,EPSS 1.2%CVE-2024-24482CRITICALAprktool before 2.9.3 on Windows allows ../ and /.. directory traversal.EPSS 1.2%CVE-2022-22679MEDIUMImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in support service management in Synology DiskSEPSS 1.2%CVE-2022-41418HIGHAn issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute aEPSS 1.2%CVE-2023-34407HIGHOfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL.EPSS 1.2%CVE-2023-44172SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_weixin.php.EPSS 1.2%