Weaknesses of type CWE-22

4,780 results
CVE-2025-4138HIGHBypassing extraction filter to create symlinks to arbitrary targets outside extraction directoryEPSS 1.1%CVE-2022-24877CRITICALImproper path handling in kustomization files allows path traversalEPSS 1.1%CVE-2024-10816HIGHLUNA RADIO PLAYER <= 6.24.01.24 - Unauthenticated Arbitrary File ReadEPSS 1.1%CVE-2023-6352MEDIUMAquaforest TIFF Server default configuration allows access to arbitrary filesEPSS 1.1%CVE-2023-4593MEDIUMPath Traversal in BVRP Software SLmailEPSS 1.1%CVE-2026-30958HIGHOneUptime: Path Traversal — Arbitrary File Read (No Auth)EPSS 1.1%CVE-2019-25574HIGHGreen CMS 2.x Path Traversal Arbitrary File DownloadEPSS 1.1%CVE-2024-3403HIGHLocal File Inclusion in imartinez/privategptEPSS 1.1%CVE-2025-67174MEDIUMA local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal EPSS 1.1%CVE-2022-31195HIGHPath traversal vulnerability in Simple Archive Format package import in DSpaceEPSS 1.1%CVE-2022-42706MEDIUMAn issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetCoEPSS 1.1%CVE-2024-22523HIGHDirectory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before, allows remote attackers to obtain sensitive information via uplEPSS 1.1%CVE-2025-21623HIGHClipBucket V5 Unauthenticated Template Directory Update to Denial-of-ServiceEPSS 1.1%CVE-2022-20816MEDIUMCisco Unified Communications Manager Arbitrary File Deletion VulnerabilityEPSS 1.1%CVE-2023-36827HIGHFides vulnerable to Path Traversal in Webserver APIEPSS 1.1%CVE-2019-25579HIGHphpTransformer 2016.9 Directory Traversal via jQueryFileUploadEPSS 1.1%CVE-2023-48243HIGHThe vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS userEPSS 1.1%CVE-2023-26152HIGHAll versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath EPSS 1.1%CVE-2010-20109HIGHBarracuda Spam & Virus Firewall "locale" Path TraversalEPSS 1.1%CVE-2023-47890HIGHpyLoad 0.5.0 is vulnerable to Unrestricted File Upload.EPSS 1.1%