Fallos del tipo CWE-36
127 resultadosCVE-2026-34515MEDIUMAIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on WindowsEPSS 0.4%CVE-2025-36574HIGHDell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with reEPSS 0.4%CVE-2025-53651MEDIUMJenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTMEPSS 0.4%CVE-2025-14253MEDIUMGalaxy Software Services|Vitals ESP - Arbitrary File ReadEPSS 0.4%CVE-2025-9516MEDIUMatec Debug <= 1.2.22 - Authenticated (Administrator+) Arbitrary File ReadEPSS 0.4%CVE-2026-4373HIGHJetFormBuilder <= 3.5.6.2 - Unauthenticated Arbitrary File Read via Media FieldEPSS 0.4%CVE-2026-42315HIGHpyLoad: Path Traversal via Package Folder Name in set_package_dataEPSS 0.4%CVE-2024-48850HIGHAuthenticated Absolute Path TraversalEPSS 0.4%CVE-2026-10075MEDIUMInterinfo|DreamMaker - Path TraversalEPSS 0.4%CVE-2026-6418MEDIUMPaperCut NG/MF: Path Traversal in Shared Account SynchronizationEPSS 0.4%CVE-2026-0846HIGHArbitrary File Read via Absolute Path Input in nltk.util.filestring()EPSS 0.4%CVE-2026-26337HIGHHyland Alfresco Transformation Service Absolute Path Traversal Arbitrary File Read and SSRFEPSS 0.4%CVE-2024-13945HIGHStored Absolute Path TraversalEPSS 0.4%CVE-2026-53698MEDIUMSilverpeas through 6.4.6 mishandles the "Personal space" feature that is selected when no componentId is set.EPSS 0.3%CVE-2024-12643HIGHChunghwa Telecom tbm-client - Arbitrary File DeleteEPSS 0.3%CVE-2026-27117MEDIUMbit7z has a path traversal vulnerabilityEPSS 0.3%CVE-2024-12646HIGHChunghwa Telecom topm-client - Arbitrary File DeleteEPSS 0.3%CVE-2025-15236MEDIUMQuanta Computer|QOCA aim AI Medical Cloud Platform - Path TraversalEPSS 0.3%CVE-2025-15237MEDIUMQuanta Computer|QOCA aim AI Medical Cloud Platform - Path TraversalEPSS 0.3%CVE-2024-12644HIGHChunghwa Telecom tbm-client - Arbitrary File Copy and PasteEPSS 0.3%