Weaknesses of type CWE-36
127 resultsCVE-2024-13159CRITICALAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remoteEPSS 99.8%KEVCVE-2018-20250HIGHIn WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (inEPSS 96.3%KEVCVE-2024-48248HIGHNAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lEPSS 94.0%KEVCVE-2024-13160CRITICALAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remoteEPSS 89.7%KEVCVE-2024-13161CRITICALAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remoteEPSS 88.5%KEVCVE-2023-3765CRITICALAbsolute Path Traversal in mlflow/mlflowEPSS 70.7%CVE-2025-0851CRITICALPath traversal issue in Deep Java LibraryEPSS 23.0%CVE-2025-34392CRITICALBarracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCEEPSS 22.0%CVE-2025-68472HIGHMindsDB has improper sanitation of filepath that leads to information disclosure and DOSEPSS 19.2%CVE-2025-57790HIGHPath Traversal VulnerabilityEPSS 16.1%CVE-2021-21586HIGHWyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user couldEPSS 4.0%CVE-2025-46822HIGHUnauthenticated Arbitrary File Read via Absolute PathEPSS 4.0%CVE-2021-1296HIGHCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write VulnerabilitiesEPSS 3.7%CVE-2021-1297HIGHCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write VulnerabilitiesEPSS 3.7%CVE-2024-29053HIGHMicrosoft Defender for IoT Remote Code Execution VulnerabilityEPSS 3.2%CVE-2024-21323HIGHMicrosoft Defender for IoT Remote Code Execution VulnerabilityEPSS 3.2%CVE-2024-10811CRITICALAbsolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remoteEPSS 3.2%CVE-2026-28414HIGHGradio has Absolute Path Traversal on Windows with Python 3.13+EPSS 3.1%CVE-2021-1618MEDIUMCisco Intersight Virtual Appliance VulnerabilitiesEPSS 2.7%CVE-2023-36786HIGHSkype for Business Remote Code Execution VulnerabilityEPSS 2.5%