Weaknesses of type CWE-22

4,836 results
CVE-2025-33036HIGHQsync CentralEPSS 0.4%CVE-2025-30270MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2025-33037HIGHQsync CentralEPSS 0.4%CVE-2025-33034MEDIUMQsync CentralEPSS 0.4%CVE-2025-60574HIGHA Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue exists in the "/styles/" path, which failsEPSS 0.4%CVE-2024-23774HIGHAn issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KEPSS 0.4%CVE-2024-5824HIGHPath Traversal in parisneo/lollmsEPSS 0.4%CVE-2026-33329HIGHFileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence OracleEPSS 0.4%CVE-2025-14910MEDIUMEdimax BR-6208AC FTP Daemon Service handle_retr path traversalEPSS 0.4%CVE-2025-32943LOWPeerTube HLS Video Files Path TraversalEPSS 0.4%CVE-2026-0571MEDIUMyeqifu warehouse AppFileUtils.java createResponseEntity path traversalEPSS 0.4%CVE-2026-28795HIGHOpenChatBI: Critical Path Traversal Vulnerability in save_report Tool of OpenChatBIEPSS 0.4%CVE-2025-39473HIGHWordPress Seofy Core plugin <= 1.6.8 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2025-29592MEDIUMoasys v1.1 is vulnerable to Directory Traversal in ProcedureController.EPSS 0.4%CVE-2025-64184HIGHDosage vulnerable to Directory Traversal through crafted HTTP responsesEPSS 0.4%CVE-2025-27566MEDIUMPath traversal vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and versions prior to Ver. 3.0.47. This is an issue with insEPSS 0.4%CVE-2025-12422CRITICALVulnerable Upgrade Feature (Arbitrary File Write)EPSS 0.4%CVE-2026-40769HIGHWordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-10232MEDIUM299ko FileManagerAPIController.php delete path traversalEPSS 0.4%CVE-2025-64108HIGHCursor's Sensitive File Modification can Lead to NTFS Path QuirksEPSS 0.4%