Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,141 vulnerabilities with CWE-22

CVE-2025-6020 HIGH

Red Hat Enterprise Linux - Privilege Escalation via pam_namespace Symlink Race Condition

CVE-2025-6167 MEDIUM

python-a2a < 0.5.6 - Path Traversal in create_workflow Function

CVE-2025-6166 LOW

agent-zero < 0.8.4.1 - Path Traversal in image_get Function

CVE-2025-6152 MEDIUM

Steel Browser <= 0.1.3 - Path Traversal via File Upload Filename

CVE-2025-32799 CRITICAL

conda-build < 25.4.0 - Path Traversal via Tar Entry Processing

CVE-2025-3594 CRITICAL

Liferay DXP 7.0.0-7.4.3.4 - Path Traversal & Arbitrary File Write via Xuggler

CVE-2025-4748 MEDIUM

Erlang/OTP 17.0-28.0.1, 27.3.4.1, 26.2.5.13 - Path Traversal in zip.erl

CVE-2025-6109 MEDIUM

Javahongxi Whatsmars 2021.4.0 - Path Traversal

CVE-2025-6108 MEDIUM

hansonwang99 Spring-Boot-In-Action <807fd37643aa774b94fd004cc3adbd2...

CVE-2025-5964 MEDIUM

M-Files Server < 24.8.13981.16 and 25.3.14681.7-25.6.14925.0 - Authenticated Path Traversal via API Endpoint

CVE-2025-6070 MEDIUM

Restrict File Access <1.1.2 - Path Traversal

CVE-2025-6065 CRITICAL

WordPress Image Resizer On The Fly <2.0 - Path Traversal

CVE-2025-4187 MEDIUM

UserPro - Community and User Profile WordPress Plugin <5.1.10 - Pat...

CVE-2025-28384 CRITICAL

OpenC3 COSMOS < 6.1.0 - Path Traversal via Script API Endpoint

CVE-2025-28382 HIGH

OpenC3 COSMOS < 6.1.0 - Path Traversal via openc3-api/tables Endpoint

CVE-2025-46096 MEDIUM

solon 3.1.2 - Path Traversal and Cross-Site Scripting via solon-faas-luffy Component

CVE-2025-46783 CRITICAL

RICOH Streamline NX V3 PC Client <3.242.0 - Path Traversal

CVE-2025-22241 MEDIUM

Salt 3006.x < 3006.12 and 3007.x < 3007.4 - Path Traversal in VirtKey Class

CVE-2025-22240 MEDIUM

Salt 3006.x < 3006.12 and 3007.x < 3007.4 - Arbitrary File Deletion via GitFS find_file Method

CVE-2025-22238 MEDIUM

Salt 3006.0rc1-3006.11 and 3007.0-3007.3 - Path Traversal and Arbitrary File Write in Minion File Cache

CVE-2025-4613 HIGH

Google Web Designer <16.3.0.0407 - Path Traversal

CVE-2025-40592 MEDIUM

Mendix Studio Pro <10.23.0, <10.12.17, <10.18.7, <10.6.24, <11.0.0,...

CVE-2025-47176 HIGH

Microsoft 365 Apps and Office LTSC - Path Traversal and Local Code Execution via Outlook Path Handling

CVE-2025-37100 HIGH

HPE Aruba Networking Private 5G Core - Info Disclosure

CVE-2025-5741 MEDIUM

Charging Station < - Path Traversal

Previous Page 69 of 366 Next

Details

Vulnerabilities 9,141

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy