Falhas do tipo CWE-22
4.856 resultadosCVE-2025-14220MEDIUMORICO CD3510 File Upload path traversalEPSS 0.4%CVE-2026-44635HIGHKysely: JSON-path traversal injection via unsanitized path-leg metacharacters in `JSONPathBuilder.key()` / `.at()`EPSS 0.4%CVE-2025-65713MEDIUMHome Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths durEPSS 0.4%CVE-2023-41747MEDIUMSensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows)EPSS 0.4%CVE-2026-44593HIGHesm.sh: Legacy Route Path Traversal Can Lead to RCEEPSS 0.4%CVE-2020-1737HIGHA flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip moEPSS 0.4%CVE-2025-8385MEDIUMZombify <= 1.7.5 - Authenticated (Subscriber+) Path Traversal to Arbitrary File ReadEPSS 0.4%CVE-2025-11034MEDIUMDibo Data Decision Making System common_dep.action.jsp downloadImpTemplet path traversalEPSS 0.4%CVE-2023-0592MEDIUMPath traversal in jeffersonEPSS 0.4%CVE-2025-68953HIGHCertain Frappe requests are vulnerable to Path TraversalEPSS 0.4%CVE-2026-11769MEDIUMOperator - Namespaced User Path TraversalEPSS 0.4%CVE-2025-9650MEDIUMyeqifu carRental AppFileUtils.java removeFileByPath path traversalEPSS 0.4%CVE-2026-41205HIGHMako: Path traversal via double-slash URI prefix in TemplateLookupEPSS 0.4%CVE-2026-55667HIGHFile Browser: Out-of-scope file deletion by a Create-only scoped user via symlink-following RemoveAll in upload failure-cleanupEPSS 0.4%CVE-2025-29843MEDIUMA vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files.EPSS 0.4%CVE-2026-8754MEDIUMAstrBotDevs AstrBot File Upload chat.py post_file path traversalEPSS 0.4%CVE-2025-13725MEDIUMGutenberg Thim Blocks <= 1.0.1 - Authenticated (Contributor+) Arbitrary File Read via 'iconSVG' ParameterEPSS 0.4%CVE-2020-10691MEDIUMAn archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. WheEPSS 0.4%CVE-2025-12203MEDIUMgivanz Vvveb Code Editor functions.php sanitizeFileName path traversalEPSS 0.4%CVE-2026-4233MEDIUMThingsGateway download path traversalEPSS 0.4%