Fallos del tipo CWE-23
420 resultadosCVE-2024-27199HIGHIn JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possibleEPSS 100.0%KEVCVE-2020-5410HIGHDirectory Traversal with spring-cloud-config-serverEPSS 95.6%KEVCVE-2025-64446CRITICALA relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9EPSS 89.5%KEVCVE-2025-55752HIGHApache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabledEPSS 74.0%CVE-2020-5405—Directory Traversal with spring-cloud-config-serverEPSS 68.5%CVE-2020-17518—Apache Flink directory traversal attack: remote file writing through the REST APIEPSS 52.3%CVE-2022-23854HIGHAVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated userEPSS 46.0%CVE-2024-2053HIGHArtica Proxy Unauthenticated LFI Protection Bypass VulnerabilityEPSS 44.6%CVE-2020-5284MEDIUMDirectory Traversal in Next.js versions below 9.3.2EPSS 43.4%CVE-2024-52012MEDIUMApache Solr: Configset upload on Windows allows arbitrary path write-accessEPSS 41.2%CVE-2018-18990—LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can levEPSS 39.5%CVE-2021-43555HIGHmySCADA myDESIGNEREPSS 38.0%CVE-2022-29844MEDIUMWestern Digital My Cloud OS 5 arbitrary file read and write vulnerability via ftpEPSS 36.4%CVE-2024-24942MEDIUMIn JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archivesEPSS 32.0%CVE-2021-20040—A relative path traversal vulnerability in the SMA100 upload funtion allows a remote unauthenticated attacker to upload crafted web pages orEPSS 25.8%CVE-2023-34990CRITICALA relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized cEPSS 24.9%CVE-2024-47949MEDIUMIn JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary locationEPSS 22.9%CVE-2024-43454HIGHWindows Remote Desktop Licensing Service Remote Code Execution VulnerabilityEPSS 21.0%CVE-2026-23734CRITICALXWiki Platform: Path traversal via resources parameter in ssx and jsx endpoints when using leading slashEPSS 19.5%CVE-2025-68472HIGHMindsDB has improper sanitation of filepath that leads to information disclosure and DOSEPSS 19.2%