Weaknesses of type CWE-22

4,827 results
CVE-2021-27278HIGHThis vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker muEPSS 0.5%CVE-2024-35677CRITICALWordPress MegaMenu plugin <= 2.3.12 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-45842MEDIUMSharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internaEPSS 0.5%CVE-2024-43232HIGHWordPress Timeline and History slider plugin <= 2.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-26753HIGHWordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerabilityEPSS 0.5%CVE-2023-3675MEDIUMInsufficient input validation when downloading certain file types.EPSS 0.5%CVE-2026-24842HIGHnode-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path TraversalEPSS 0.5%CVE-2025-54293HIGHPath Traversal in LXD Instance Log File RetrievalEPSS 0.5%CVE-2026-41465HIGHProjeQtor < 12.4.4 Path Traversal via dynamicDialog.phpEPSS 0.5%CVE-2024-43221HIGHWordPress JetGridBuilder plugin <= 1.1.2 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-43345HIGHWordPress Landing Page Builder plugin <= 1.5.2.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-5714MEDIUMSoluçõesCoop iSoluçõesWEB Profile Information Update up.upload.php path traversalEPSS 0.5%CVE-2026-11367MEDIUMPixMagix <= 1.7.2 - Authenticated (Author+) Path Traversal in 'layers[].id' ParameterEPSS 0.5%CVE-2026-27400HIGHWordPress BookPro plugin <= 1.1.0 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2023-38708MEDIUMPimcore Path Traversal Vulnerability in AssetController:importServerFilesActionEPSS 0.5%CVE-2025-62156HIGHargo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwriteEPSS 0.5%CVE-2024-38709MEDIUMWordPress GD Rating System plugin <= 3.6 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-33166HIGHAllure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)EPSS 0.5%CVE-2026-3864MEDIUMCSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS serverEPSS 0.5%CVE-2024-55214MEDIUMLocal File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the file downlEPSS 0.5%