Weaknesses of type CWE-22
4,763 resultsCVE-2026-25592CRITICALSemantic Kernel has an Arbitrary File Write via AI Agent Function Calling in .NET SDKEPSS 1.9%CVE-2021-1259MEDIUMCisco SD-WAN vManage Software Path Traversal VulnerabilityEPSS 1.9%CVE-2024-31818CRITICALDirectory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary code via the page parameter of the kiosk.pEPSS 1.9%CVE-2024-11664HIGHeNMS TGZ File controller.py multiselect_filtering path traversalEPSS 1.9%CVE-2022-46256HIGHPath traversal in GitHub Enterprise Server leading to remote code execution in GitHub PagesEPSS 1.9%CVE-2023-22273HIGHZDI-CAN-21307: Adobe RoboHelp Server OnPublishFile Directory Traversal Remote Code Execution VulnerabilityEPSS 1.9%CVE-2023-35840MEDIUM_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.EPSS 1.9%CVE-2022-24840CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in django-s3fileEPSS 1.9%CVE-2014-10068—The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden`EPSS 1.9%CVE-2014-125125HIGHA10 Networks AX Loadbalancer Path TraversalEPSS 1.9%CVE-2021-23043—On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory traversal vulnerability exists in an uEPSS 1.9%CVE-2022-20723MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 1.9%CVE-2018-3734—stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read conEPSS 1.9%CVE-2018-3766—Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.EPSS 1.9%CVE-2025-41242MEDIUMCVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containersEPSS 1.9%CVE-2023-40517HIGHLG SuperSign Media Editor ContentRestController getObject Directory Traversal Information Disclosure VulnerabilityEPSS 1.9%CVE-2018-0323—A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remoteEPSS 1.9%CVE-2025-11466MEDIUMAllegra DatabaseBackupBL Directory Traversal Information Disclosure VulnerabilityEPSS 1.9%CVE-2023-52334HIGHAllegra downloadAttachmentGlobal Directory Traversal Information Disclosure VulnerabilityEPSS 1.9%CVE-2023-51648HIGHAllegra getFileContentAsString Directory Traversal Information Disclosure VulnerabilityEPSS 1.9%