Weaknesses of type CWE-22

4,853 results
CVE-2024-56179HIGHIn MindManager Windows versions prior to 24.1.150, attackers could potentially write to unexpected directories in victims' machines via direEPSS 0.4%CVE-2023-0593MEDIUMPath traversal in yaffshivEPSS 0.4%CVE-2024-39178MEDIUMMyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menu_uuEPSS 0.4%CVE-2026-3029HIGHCVE-2026-3029EPSS 0.4%CVE-2023-43802HIGHPath traversal in Arduino Create AgentEPSS 0.4%CVE-2025-13875MEDIUMYohann0617 oci-helper OCI Configuration Upload OciServiceImpl.java addCfg path traversalEPSS 0.4%CVE-2025-64346MEDIUMarchives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.4%CVE-2025-64485MEDIUMCVAT: Mounted share file overwrite via crafted requestEPSS 0.4%CVE-2026-42574HIGHapko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build rootEPSS 0.4%CVE-2025-68862HIGHWordPress Woo File Dropzone plugin <= 1.1.7 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-28078MEDIUMWordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-44641HIGHMicrosoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during installEPSS 0.4%CVE-2026-52716MEDIUMWordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-7488MEDIUMJoeyBling SpringBoot_MyBatisPlus download path traversalEPSS 0.4%CVE-2024-11615MEDIUMEnvolve Plugin <= 1.0 - Unauthenticated Language File DeletionEPSS 0.4%CVE-2026-31939HIGHPath Traversal (Arbitrary File Delete) in Chamilo LMSEPSS 0.4%CVE-2025-13681MEDIUMBFG Tools – Extension Zipper <= 1.0.7 - Authenticated (Administrator+) Path Traversal via 'first_file' ParameterEPSS 0.4%CVE-2025-54029HIGHWordPress WooCommerce csv import export Plugin <= 2.0.6 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2025-53588HIGHWordPress UPC/EAN/GTIN Code Generator Plugin <= 2.0.2 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-52797HIGHGogs: Overwriting critical files results in a denial of serviceEPSS 0.4%