Weaknesses of type CWE-22
4,766 resultsCVE-2025-27410MEDIUMPwnDoc Arbitrary File Write to RCE using Path Traversal in backup restore as adminEPSS 1.8%CVE-2023-32004HIGHA vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improEPSS 1.8%CVE-2019-19290MEDIUMA vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The DOWNLOADS section in the web interface of thEPSS 1.8%CVE-2019-19296MEDIUMA vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). The two FTP services (default ports 21/tcp and 5411EPSS 1.8%CVE-2024-11303HIGHPath TraversalEPSS 1.8%CVE-2020-3130MEDIUMCisco Unity Connection Directory Traversal VulnerabilityEPSS 1.8%CVE-2020-5366HIGHDell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated malicious user with low privilegEPSS 1.8%CVE-2023-27603CRITICALApache Linkis Mangaer module engineConn material upload exists Zip Slip issueEPSS 1.8%CVE-2021-33178—The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. EPSS 1.8%CVE-2024-27977HIGHA Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete arbitrary EPSS 1.8%CVE-2021-28172HIGHVangene deltaFlow E-platform - Path TraversalEPSS 1.8%CVE-2023-6265MEDIUMDrayTek Vigor2960 mainfunction.cgi dumpSyslog 'option' directory traversalEPSS 1.8%CVE-2025-0573MEDIUMSante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write VulnerabilityEPSS 1.8%CVE-2017-16091—xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker accesEPSS 1.8%CVE-2024-56331MEDIUMLocal File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitorEPSS 1.8%CVE-2022-31703HIGHThe vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operatiEPSS 1.8%CVE-2023-51640HIGHAllegra extarctZippedFile Directory Traversal Remote Code Execution VulnerabilityEPSS 1.8%CVE-2023-51645HIGHAllegra unzipFile Directory Traversal Remote Code Execution VulnerabilityEPSS 1.8%CVE-2018-3712—serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in pathEPSS 1.8%CVE-2023-51646HIGHAllegra uploadSimpleFile Directory Traversal Remote Code Execution VulnerabilityEPSS 1.8%