Fallos del tipo CWE-22

4856 resultados
CVE-2026-31913HIGHWordPress Scape theme < 1.5.16 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-24953MEDIUMWordPress Simple File List plugin <= 6.1.15 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-64074MEDIUMA path-traversal vulnerability in the logout functionality of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to EPSS 0.4%CVE-2026-24137MEDIUMsigstore legacy TUF client allows for arbitrary file writes with target cache path traversalEPSS 0.4%CVE-2025-46559MEDIUMMisskey Directory Traversal Vulnerability in AiScript via `Mk:api`EPSS 0.4%CVE-2025-65952HIGHConsole is vulnerable to path traversal regarding custom assetsEPSS 0.4%CVE-2024-55659HIGHSiYuan has an arbitrary file write in the host via /api/asset/uploadEPSS 0.4%CVE-2025-7039LOWGlib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()EPSS 0.4%CVE-2026-28705MEDIUMGitea repository dumps write release assets using unsafe path namesEPSS 0.4%CVE-2025-14413HIGHSoda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-2863MEDIUMfeng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile path traversalEPSS 0.4%CVE-2022-28541MEDIUMUncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as SamEPSS 0.4%CVE-2024-3318MEDIUMSailPoint Identity Security Cloud Connector File Path Traversal VulnerabilityEPSS 0.4%CVE-2025-53375MEDIUMDokploy allows attackers to read any file that the Traefik process user can accessEPSS 0.4%CVE-2026-43888HIGHOutline: Zip Extraction Path Escape via PATH_MAX Truncation in Collection ImportEPSS 0.4%CVE-2023-5327LOWSATO CL4NX-J Plus path traversalEPSS 0.4%CVE-2024-57186MEDIUMIn Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-fileEPSS 0.4%CVE-2026-6591MEDIUMComfyUI LoadImage Node folder_paths.py folder_paths.get_annotated_filepath path traversalEPSS 0.4%CVE-2026-20916HIGHBIG-IQ iControl REST vulnerabilityEPSS 0.4%CVE-2026-7676MEDIUMkerwincui FastBee Tool Download Endpoint ToolController.java ToolController.download path traversalEPSS 0.4%