Fallos del tipo CWE-22

4856 resultados
CVE-2023-49801MEDIUMLif Auth Server vulnerable to uncontrolled data in path expression EPSS 0.4%CVE-2026-30403HIGHThere is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, wEPSS 0.4%CVE-2026-53825HIGHOpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write ScopeEPSS 0.4%CVE-2026-3339LOWKeep Backup Daily <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path' ParameterEPSS 0.4%CVE-2025-27397MEDIUMA vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit uEPSS 0.4%CVE-2026-23481MEDIUMBlinko: Authenticated Arbitrary File Write - saveAdditionalDevFileEPSS 0.4%CVE-2026-47118HIGHAgent Zero < 1.15 Path Traversal File Read via image_get APIEPSS 0.4%CVE-2026-52868HIGHOFFIS DCMTK Toolkit Path TraversalEPSS 0.4%CVE-2026-3345MEDIUMPath Traversal and Arbitrary File Write Vulnerability in IBM Langflow Desktop API v2 File Upload EndpointEPSS 0.4%CVE-2026-46484HIGHHeadplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/userEPSS 0.4%CVE-2025-67488HIGHSiYuan: ZipSlip -> Arbitrary File Overwrite -> RCEEPSS 0.4%CVE-2025-0332HIGHProgress UI for WinForms decompression path traversal vulnerabilityEPSS 0.4%CVE-2026-11720CRITICALPath Traversal in googleapis/mcp-toolbox HTTP Tool URL BuilderEPSS 0.4%CVE-2025-14727HIGHNGINX Ingress Controller vulnerabilityEPSS 0.4%CVE-2025-0614MEDIUMInput validation vulnerability in Qualifio's Wheel of FortuneEPSS 0.4%CVE-2025-4868MEDIUMmerikbest ecommerce-spring-reactjs File Upload Endpoint admin path traversalEPSS 0.4%CVE-2025-4893MEDIUMjammy928 CoinExchange_CryptoExchange_Java File Upload Endpoint UploadFileUtil.java uploadLocalImage path traversalEPSS 0.4%CVE-2026-45390CRITICALIn OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not dEPSS 0.4%CVE-2025-63372MEDIUMArticentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing cEPSS 0.4%CVE-2025-34238MEDIUMAdvantech WebAccess/VPN < 1.1.5 Path Traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction()EPSS 0.4%