Weaknesses of type CWE-23
425 resultsCVE-2023-23379HIGHMicrosoft Defender for IoT Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2024-9405MEDIUMAn incorrect limitation of a path to a restricted directory (path traversal) has been detected in Pluck CMS, affecting version 4.7.18. An unEPSS 0.4%CVE-2026-25575HIGHNavigaTUM has a Path Traversal Vulnerability in the propose_edits functionalityEPSS 0.4%CVE-2023-29189MEDIUMHTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)EPSS 0.4%CVE-2025-58464HIGHQuMagieEPSS 0.4%CVE-2025-51052MEDIUMA path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting EPSS 0.4%CVE-2026-23890MEDIUMpnpm scoped bin name Path Traversal allows arbitrary file creation outside node_modules/.binEPSS 0.4%CVE-2026-5422MEDIUMPath Traversal in jupyter/jupyterEPSS 0.4%CVE-2025-41268HIGHNozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in versionEPSS 0.4%CVE-2026-29201HIGHInsufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relaEPSS 0.4%CVE-2025-41271HIGHNozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.EPSS 0.4%CVE-2025-24343MEDIUMA vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) atEPSS 0.4%CVE-2025-53082MEDIUMAn 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on EPSS 0.4%CVE-2025-64714MEDIUMPrivateBin's template-switching feature allows arbitrary local file inclusion through path traversalEPSS 0.4%CVE-2025-64757LOWAstro Development Server is Vulnerable to Arbitrary Local File ReadEPSS 0.4%CVE-2025-59336MEDIUMRelative Path Traversal in LuanoxEPSS 0.4%CVE-2024-12019HIGHArbitrary File Read via Document APIEPSS 0.4%CVE-2025-58467LOWQsync CentralEPSS 0.4%CVE-2025-58463LOWDownload StationEPSS 0.4%CVE-2025-47788CRITICALMissing Path Validation Enables Path Traversal in Controller.phpEPSS 0.4%