Fallos del tipo CWE-73
457 resultadosCVE-2022-39952CRITICALA external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11,EPSS 99.8%CVE-2024-8517CRITICALSPIP Bigup Multipart File Upload OS Command InjectionEPSS 94.6%CVE-2023-4634CRITICALMedia Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code ExecutionEPSS 82.6%CVE-2018-17246—Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the KibanEPSS 82.3%CVE-2024-43451MEDIUMNTLM Hash Disclosure Spoofing VulnerabilityEPSS 81.8%KEVCVE-2025-33053HIGHInternet Shortcut Files Remote Code Execution VulnerabilityEPSS 81.6%KEVCVE-2023-3643HIGHBoss Mini document file inclusionEPSS 75.2%CVE-2021-27250MEDIUMThis vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc0EPSS 66.0%CVE-2025-24054MEDIUMNTLM Hash Disclosure Spoofing VulnerabilityEPSS 59.0%KEVCVE-2024-46909CRITICALWhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution VulnerabilityEPSS 49.2%CVE-2021-21343MEDIUMXStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rightsEPSS 47.6%CVE-2023-2554HIGHExternal Control of File Name or Path in unilogies/bumsysEPSS 31.2%CVE-2024-26185MEDIUMWindows Compressed Folder Tampering VulnerabilityEPSS 30.5%CVE-2025-0851CRITICALPath traversal issue in Deep Java LibraryEPSS 23.0%CVE-2025-21377MEDIUMNTLM Hash Disclosure Spoofing VulnerabilityEPSS 21.8%CVE-2024-37149HIGHGLPI allows remote code execution through the plugin loaderEPSS 21.2%CVE-2024-0265MEDIUMSourceCodester Clinic Queuing System GET Parameter index.php file inclusionEPSS 20.9%CVE-2024-0087CRITICALCVEEPSS 20.1%CVE-2026-20872MEDIUMNTLM Hash Disclosure Spoofing VulnerabilityEPSS 19.1%CVE-2026-20925MEDIUMNTLM Hash Disclosure Spoofing VulnerabilityEPSS 17.3%