Falhas do tipo CWE-22
4.827 resultadosCVE-2026-28406HIGHkaniko has tar archive path traversal in build context extraction allows writing files outside destination directoryEPSS 0.6%CVE-2023-39299HIGHMusic StationEPSS 0.6%CVE-2018-25325HIGHWoocommerce CSV Importer 3.3.6 Path Traversal File DeletionEPSS 0.6%CVE-2025-12960MEDIUMSimple CSV Table <= 1.0.1 - Directory Traversal to Authenticated (Contributor+) Arbitrary File ReadEPSS 0.6%CVE-2026-27886CRITICALStrapi may leak sensitive data via relational filtering due to lack of query sanitizationEPSS 0.6%CVE-2026-30580MEDIUMFile Thingie 2.5.7 is vulnerable to Directory Traversal. A malicious user can leverage the "create folder from url" functionality of the appEPSS 0.6%CVE-2024-32778HIGHWordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2022-34762MEDIUMA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized EPSS 0.6%CVE-2024-10100MEDIUMPath Traversal in binary-husky/gpt_academicEPSS 0.6%CVE-2026-8755MEDIUMfishaudio Bert-VITS2 Model hiyoriUI.py _get_all_models path traversalEPSS 0.6%CVE-2024-3980CRITICALThe MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names
that are used in filesystEPSS 0.6%CVE-2025-54438CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allowEPSS 0.6%CVE-2020-37214HIGHVoyager 1.3.0 - Directory TraversalEPSS 0.6%CVE-2026-8757MEDIUMadenhq hive Delete Request routes_sessions.py _read_events_tail path traversalEPSS 0.6%CVE-2026-46383MEDIUMMicrosoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`EPSS 0.6%CVE-2023-32974HIGHQTS, QuTS hero, QuTScloudEPSS 0.6%CVE-2024-37089CRITICALWordPress Consulting Elementor Widgets plugin <= 1.3.0 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2026-26217CRITICALCrawl4AI < 0.8.0 Docker API Local File Inclusion via file URL HandlingEPSS 0.6%CVE-2022-3090HIGHRed Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and pEPSS 0.6%CVE-2025-27395HIGHA vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit tEPSS 0.6%