Fallos del tipo CWE-22
4730 resultadosCVE-2022-48253CRITICALnhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote serveEPSS 3.4%CVE-2019-3880MEDIUMA flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could useEPSS 3.4%CVE-2023-40279HIGHAn issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET requesEPSS 3.4%CVE-2024-23468HIGHSolarWinds Access Rights Manager Directory Traversal and Information Disclosure VulnerabilityEPSS 3.4%CVE-2019-16776HIGHUnauthorized File Access in npm CLI before before version 6.13.3EPSS 3.3%CVE-2021-40724HIGHAdobe Acrobat Reader Android Abritrary Code Execution VulnerabilityEPSS 3.3%CVE-2025-46704MEDIUMAdvantech iView Path TraversalEPSS 3.3%CVE-2024-2024HIGHFolders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_uploadEPSS 3.3%CVE-2024-0402CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLabEPSS 3.3%CVE-2021-37701HIGHArbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic linksEPSS 3.3%CVE-2022-24311—A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing fileEPSS 3.3%CVE-2026-33476HIGHSiYuan has an Unauthenticated Arbitrary File Read via Path TraversalEPSS 3.3%CVE-2023-23842HIGHSolarWinds Network Configuration Manager Directory Traversal VulnerabilityEPSS 3.3%CVE-2022-24312—A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing fileEPSS 3.2%CVE-2017-9511HIGHThe MultiPathResource class in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to read arbitrary fileEPSS 3.2%CVE-2024-24997HIGHA Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitraryEPSS 3.2%CVE-2024-27976HIGHA Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitraryEPSS 3.2%CVE-2021-21037HIGHAcrobat Reader DC Path Traversal Vulnerability Could Lead To Arbitrary Code ExecutionEPSS 3.2%CVE-2025-59304CRITICALA directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote attacker to achieve Remote Code Execution via EPSS 3.2%CVE-2020-15640HIGHThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64.EPSS 3.2%