Weaknesses of type CWE-22

4,853 results
CVE-2024-30143MEDIUMA path traversal vulnerability in HCL AppScan Traffic RecorderEPSS 0.4%CVE-2025-12203MEDIUMgivanz Vvveb Code Editor functions.php sanitizeFileName path traversalEPSS 0.4%CVE-2026-4307MEDIUMfrdel/agent0ai agent-zero files.py get_abs_path path traversalEPSS 0.4%CVE-2026-21878HIGHBACnet Stack Improperly Limits Pathnames to a Restricted DirectoryEPSS 0.4%CVE-2026-4917MEDIUMIBM Guardium Data Protection is affected by multiple vulnerabilitiesEPSS 0.4%CVE-2025-63918MEDIUMPDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrarEPSS 0.4%CVE-2026-40518HIGHByteDance DeerFlow Path Traversal and Arbitrary File Write via Bootstrap ModeEPSS 0.4%CVE-2026-27704MEDIUMDart SDK and Flutter SDK have Zip slip in Dart Pub package extractionEPSS 0.4%CVE-2026-49738LOWTYPO3 CMS - Broken Access Control in File Abstraction LayerEPSS 0.4%CVE-2025-13891MEDIUMImage Gallery – Photo Grid & Video Gallery (Modula) <= 2.13.3 - Missing Authorization to Arbitrary Directory ListingEPSS 0.4%CVE-2026-28447HIGHOpenClaw 2026.1.29-beta.1 < 2026.2.1 - Path Traversal in Plugin Installation via Package NameEPSS 0.4%CVE-2025-43889MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release VerEPSS 0.4%CVE-2019-0074MEDIUMJunos OS: NFX150 Series, QFX10K Series, EX9200 Series, MX Series, PTX Series: Path traversal vulnerability in NFX150 and NG-RE leads to information disclosure.EPSS 0.4%CVE-2026-47368HIGHA malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtaiEPSS 0.4%CVE-2026-39468MEDIUMWordPress Meta Box – WordPress Custom Fields Framework plugin <= 5.11.1 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-45225HIGHHeym < 0.0.21 Path Traversal File Upload via upload_file()EPSS 0.4%CVE-2023-43802HIGHPath traversal in Arduino Create AgentEPSS 0.4%CVE-2024-39178MEDIUMMyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menu_uuEPSS 0.4%CVE-2026-3029HIGHCVE-2026-3029EPSS 0.4%CVE-2023-0593MEDIUMPath traversal in yaffshivEPSS 0.4%