Weaknesses of type CWE-22

4,775 results
CVE-2021-27461A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow aEPSS 1.4%CVE-2024-46446CRITICALMecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs that bypass user identity checks. ParameterEPSS 1.4%CVE-2021-29087HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation ManEPSS 1.4%CVE-2025-66480CRITICALWildfire has Arbitrary File Upload via Directory Traversal in UploadFileActionEPSS 1.4%CVE-2021-32643MEDIUMStaticFile.fromUrl can leak presence of a directoryEPSS 1.4%CVE-2022-33897MEDIUMA directory traversal vulnerability exists in the web_server /ajax/remove/ functionality of Robustel R1510 3.1.16. A specially-crafted netwoEPSS 1.4%CVE-2021-21269HIGHPath Traversal in KeymakerEPSS 1.4%CVE-2023-36534CRITICALPath traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via nEPSS 1.4%CVE-2021-42542HIGHEmerson WirelessHART GatewayEPSS 1.4%CVE-2019-1765HIGHCisco IP Phone 8800 Series Path Traversal VulnerabilityEPSS 1.4%CVE-2024-12866HIGHLocal File Inclusion in netease-youdao/qanythingEPSS 1.4%CVE-2023-6972CRITICALBackup Migration <= 1.3.9 - Unauthenticated Path Traversal to Arbitrary File DeletionEPSS 1.4%CVE-2024-31860MEDIUMApache Zeppelin: Path traversal vulnerabilityEPSS 1.4%CVE-2022-34271HIGHApache Atlas: zip path traversal in import functionalityEPSS 1.4%CVE-2022-34822CRITICALPath traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SinEPSS 1.4%CVE-2021-22933A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform an arbitrary file delete via a mEPSS 1.4%CVE-2021-4463HIGHLongjing Technology BEMS API <= 1.21 Remote Arbitrary File DownloadEPSS 1.4%CVE-2021-41185HIGHDownload file outside intended directoryEPSS 1.4%CVE-2021-24447WP Image Zoom < 1.47 - Local File InclusionEPSS 1.4%CVE-2022-20720MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 1.4%