Fallos del tipo CWE-22
4871 resultadosCVE-2025-44021LOWOpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via theEPSS 0.2%CVE-2025-3722NONEA path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue EPSS 0.2%CVE-2026-20653MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.5 and iPadOSEPSS 0.2%CVE-2026-42549MEDIUMFlight: Path traversal in `make:controller` CLI creates arbitrary directories outside project rootEPSS 0.2%CVE-2024-42187MEDIUMHCL BigFix Patch Download Plug-ins are affected by path traversal vulnerabilityEPSS 0.2%CVE-2026-9789HIGHNitroSense V3: Security Vulnerability InformationEPSS 0.2%CVE-2026-28486MEDIUMOpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation CommandsEPSS 0.2%CVE-2026-58302HIGHrtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library moduleEPSS 0.2%CVE-2022-50956MEDIUMWordPress Plugin amministrazione-aperta 3.7.3 Local File ReadEPSS 0.2%CVE-2026-43965MEDIUMPath Traversal in build/packages/packages.toml Allows Arbitrary Directory DeletionEPSS 0.2%CVE-2026-32685MEDIUMPath Traversal in gleam docs build via documentation.pages Allows Arbitrary File Read and WriteEPSS 0.2%CVE-2026-42881HIGHSTIGQter: Arbitrary File Write leading to Local Code Execution via Export HTMLEPSS 0.2%CVE-2026-41530MEDIUMThe automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected EPSS 0.1%CVE-2025-31248MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, mEPSS 0.1%CVE-2026-7875CRITICALNanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment HandlingEPSS 0.1%CVE-2026-60088MEDIUMPraisonAI before 4.6.78 Path Traversal via Custom CommandsEPSS 0.1%CVE-2025-20277LOWCisco Unified Contact Center Express Path Traversal VulnerabilityEPSS 0.1%CVE-2026-43989HIGHJunoClaw: upload_wasm accepted arbitrary filesystem paths without validationEPSS 0.1%CVE-2024-47292MEDIUMPath traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this vulnerability may affect service confidentialitEPSS 0.1%CVE-2026-3223HIGHZip Slip leading to Arbitrary File Write and Privilege Escalation in Google Web DesignerEPSS 0.1%