Weaknesses of type CWE-22
4,766 resultsCVE-2022-1000HIGHPath Traversal in prasathmani/tinyfilemanagerEPSS 1.9%CVE-2020-26299MEDIUMFile System Bounds EscapeEPSS 1.9%CVE-2023-42819HIGHPath traversal in JumpserverEPSS 1.9%CVE-2024-3571MEDIUMPath Traversal in langchain-ai/langchainEPSS 1.9%CVE-2023-52333CRITICALAllegra saveFile Directory Traversal Remote Code Execution VulnerabilityEPSS 1.9%CVE-2024-37728HIGHArbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attackEPSS 1.9%CVE-2021-37712HIGHArbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic linksEPSS 1.8%CVE-2022-31473MEDIUMBIG-IP APM Appliance mode vulnerability CVE-2022-31473EPSS 1.8%CVE-2021-43775HIGHArbitrary file reading vulnerability in AimEPSS 1.8%CVE-2025-10897HIGHWooCommerce Designer Pro <= 1.9.28 - Unauthenticated Arbitrary File ReadEPSS 1.8%CVE-2021-32633MEDIUMRemote Code Execution via traversal in TAL expressionsEPSS 1.8%CVE-2023-33226HIGHDirectory Traversal Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-33227HIGHDirectory Traversal Remote Code Execution VulnerabilityEPSS 1.8%CVE-2022-41158HIGHeyoom builder Remote Code Execution VulnerabilityEPSS 1.8%CVE-2017-15893—Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated useEPSS 1.8%CVE-2017-16029—hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3EPSS 1.8%CVE-2024-33350CRITICALDirectory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via EPSS 1.8%CVE-2022-48482HIGH3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /ElectrEPSS 1.8%CVE-2018-16482—A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive informaEPSS 1.8%CVE-2022-37865CRITICALApache Ivy allows creating/overwriting any file on the systemEPSS 1.8%