Fallos del tipo CWE-22
4828 resultadosCVE-2025-11002HIGH7-Zip ZIP File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-65345MEDIUMalexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to cEPSS 0.5%CVE-2025-60969MEDIUMDirectory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers toEPSS 0.5%CVE-2024-30492MEDIUMWordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerabilityEPSS 0.5%CVE-2026-2692MEDIUMCoCoTeaNet CyreneAdmin Image getAvatar path traversalEPSS 0.5%CVE-2026-11431HIGHPath Traversal in Altium Projects Service Allows Arbitrary File ReadEPSS 0.5%CVE-2026-2111MEDIUMJeecgBoot Retrieval-Augmented Generation edit path traversalEPSS 0.5%CVE-2024-54291HIGHWordPress PluginPass plugin <= 0.9.10 - Arbitrary File Download/Delete vulnerabilityEPSS 0.5%CVE-2025-59343HIGHtar-fs has a symlink validation bypass if destination directory is predictable with a specific tarballEPSS 0.5%CVE-2026-32727HIGHSciTokens: Authorization Bypass via Path Traversal in Scope ValidationEPSS 0.5%CVE-2025-9693HIGHUser Meta – User Profile Builder and User management plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.5%CVE-2025-27785HIGHApplio allows arbitrary file read in train.py export_index functionEPSS 0.5%CVE-2025-1127CRITICALCombination Path Traversal and Concurrent Execution vulnerability exists within the embedded web serverEPSS 0.5%CVE-2024-33870MEDIUMAn issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary fileEPSS 0.5%CVE-2024-34552HIGHWordPress Stockholm theme <= 9.6 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-27142MEDIUMLocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commandsEPSS 0.5%CVE-2024-34554HIGHWordPress Stockholm Core plugin <= 2.4.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-34783HIGHFerret has a Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websitesEPSS 0.5%CVE-2024-27869HIGHThe issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to record thEPSS 0.5%CVE-2025-27786HIGHApplio allows arbitrary file removal in core.pyEPSS 0.5%