Falhas do tipo CWE-22

4.853 resultados
CVE-2025-66302MEDIUMGrav vulnerable to Path Traversal allowing server files backupEPSS 0.4%CVE-2026-24687MEDIUMUmbraco.Forms has path traversal and file enumeration vulnerability in Linux/MacEPSS 0.4%CVE-2025-65074HIGHOS Command Injection via Path Traversal in WaveStore ServerEPSS 0.4%CVE-2026-27442CRITICALzip_attachments Path TraversalEPSS 0.4%CVE-2024-37825MEDIUMAn issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop 3.2.0.27184 Hotfix May 2024) allows unauthenEPSS 0.4%CVE-2026-25964MEDIUMTandoor Recipes Affected by Authenticated Local File Disclosure (LFD) via Recipe Import leads to Arbitrary File ReadEPSS 0.4%CVE-2026-33227MEDIUMApache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ: Improper Limitation of a Pathname to a Restricted Classpath DirectoryEPSS 0.4%CVE-2026-44243HIGHGitPython: Path traversal in GitPython reference APIs allows arbitrary file write and delete outside the repositoryEPSS 0.4%CVE-2025-52574HIGHSysmonElixir path traversal in /read endpoint allows arbitrary file readEPSS 0.4%CVE-2026-7384MEDIUMezequiroga mcp-bases research_server.py search_papers path traversalEPSS 0.4%CVE-2025-11607MEDIUMharry0703 MoneyPrinterTurbo API Endpoint music.py upload_music path traversalEPSS 0.4%CVE-2026-7811MEDIUM54yyyu code-mcp MCP File server.py is_safe_path path traversalEPSS 0.4%CVE-2026-33238MEDIUMAVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem EnumerationEPSS 0.4%CVE-2026-7594MEDIUMFlux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversalEPSS 0.4%CVE-2024-13991HIGHHuijietong Cloud Video Platform fileDownload Arbitrary File ReadEPSS 0.4%CVE-2025-66428HIGHAn issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation.EPSS 0.4%CVE-2026-7519MEDIUMFujian Apex LiveBOS Endpoint UploadImage.do path traversalEPSS 0.4%CVE-2025-37144MEDIUMAuthenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management InterfaceEPSS 0.4%CVE-2026-58015MEDIUMGlib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receiveEPSS 0.4%CVE-2026-31978MEDIUMmotionEye: Arbitrary File Read via Path Traversal in Picture/Movie Preview EndpointEPSS 0.4%