Weaknesses of type CWE-22

4,826 results
CVE-2024-31300HIGHWordPress Easy Social Share Buttons plugin <= 9.4 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2026-33211CRITICALTekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver podEPSS 0.6%CVE-2025-7566MEDIUMjshERP SystemConfigController.java exportExcelByParam path traversalEPSS 0.6%CVE-2026-32274HIGHBlack: Arbitrary file writes from unsanitized user input in cache file nameEPSS 0.6%CVE-2025-25371HIGHNASA cFS (Core Flight System) Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the EPSS 0.6%CVE-2023-42456LOWsudo-rs Session File Relative Path Traversal vulnerabilityEPSS 0.6%CVE-2025-5545MEDIUMaaluoxiang oa_system ProcedureController.java image path traversalEPSS 0.6%CVE-2026-27598HIGHDagu: Path traversal in DAG creation allows arbitrary YAML file write outside DAGs directoryEPSS 0.6%CVE-2025-5381MEDIUMYifang CMS Admin Panel downloadFile path traversalEPSS 0.6%CVE-2022-0436HIGHPath Traversal in gruntjs/gruntEPSS 0.6%CVE-2026-34524HIGHSillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data rootEPSS 0.6%CVE-2026-5957MEDIUMEmailKit <= 1.6.5 - Authenticated (Author+) Arbitrary File Read via 'emailkit-editor-template' REST ParameterEPSS 0.6%CVE-2024-31232HIGHWordPress Rehub theme <= 19.6.1 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-42485HIGHFilament Excel Vulnerable to Path Traversal Attack on Export Download EndpointEPSS 0.6%CVE-2023-2316HIGHTypora Local File DisclosureEPSS 0.6%CVE-2024-55515CRITICALA vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_ipslib.pEPSS 0.6%CVE-2023-41044LOWPartial path traversal vulnerability in Support Bundle feature of GraylogEPSS 0.6%CVE-2023-5588LOWkphrx pleroma pack.ex Pleroma.Emoji.Pack path traversalEPSS 0.6%CVE-2025-23250HIGHNVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory EPSS 0.6%CVE-2024-42474MEDIUMStreamlit Path Traversal Security Vulnerability on WindowsEPSS 0.6%