Falhas do tipo CWE-22
4.873 resultadosCVE-2026-49219MEDIUMImageMagick: Policy Bypass can read disallowed filesEPSS 0.1%CVE-2026-20669MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An EPSS 0.1%CVE-2026-41124LOWDell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1EPSS 0.1%CVE-2025-59890HIGHImproper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead intEPSS 0.1%CVE-2026-47091MEDIUMClaude HUD 0.0.12 Path Traversal via transcript_pathEPSS 0.1%CVE-2026-35177MEDIUMPath traversal issue with zip.vim in VimEPSS 0.1%CVE-2026-54250MEDIUMK3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot DecompressionEPSS 0.1%CVE-2026-52902MEDIUMAwxkit: path traversal via yaml !include directiveEPSS 0.1%CVE-2025-54653HIGHPath traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2025-54652HIGHPath traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2026-9489HIGHNitroSense V3: Local Privilege Escalation (LPE) vulnerabilityEPSS 0.1%CVE-2026-8069HIGHPredatorSense V3: Local Privilege Escalation (LPE) vulnerabilityEPSS 0.1%CVE-2021-25452MEDIUMAn improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform pEPSS 0.1%CVE-2022-28784MEDIUMPath traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as EPSS 0.1%CVE-2026-49356LOWBabel: Arbitrary File Read via sourceMappingURL Comment in @babel/coreEPSS 0.1%CVE-2026-45380LOWbit7z: Path Traversal via Null Byte Injection from `gcount()` Off-by-One in `restoreSymlink()`EPSS 0.1%CVE-2025-53594MEDIUMQfinder Pro, Qsync, QVPNEPSS 0.1%CVE-2025-48567HIGHIn multiple locations, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrecEPSS 0.1%CVE-2023-21093HIGHIn extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a paEPSS 0.1%CVE-2026-41009MEDIUMLocal Blobstore may allow arbitrary reads/deletesEPSS 0.1%