CWE-22 vulnerabilities
4,704 results

CVE-2024-48914 | CRITICAL | Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy | EPSS 59.8%
CVE-2020-15643 | HIGH | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Althoug | EPSS 59.3%
CVE-2023-41182 | HIGH | NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability | EPSS 58.6%
CVE-2023-28127 | HIGH | A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosu | EPSS 58.6%
CVE-2019-6111 | MEDIUM | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directorie | EPSS 58.2%
CVE-2021-43813 | MEDIUM | Directory Traversal in Grafana | EPSS 58.0%
CVE-2017-16597 | — | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.7 | EPSS 57.9%
CVE-2023-40028 | MEDIUM | Arbitrary file read via symlinks in Ghost | EPSS 57.8%
CVE-2023-34259 | MEDIUM | Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the | EPSS 57.7%
CVE-2024-47011 | HIGH | Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information | EPSS 57.0%
CVE-2024-27317 | HIGH | Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification | EPSS 56.9%
CVE-2022-48323 | CRITICAL | Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthen | EPSS 56.8%
CVE-2024-38819 | HIGH | Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks | EPSS 54.9%
CVE-2017-16603 | — | This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterp | EPSS 54.7%
CVE-2014-0130 | HIGH | Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails befor | EPSS 53.7% | KEV
CVE-2025-1661 | CRITICAL | HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion | EPSS 52.8%
CVE-2021-43778 | CRITICAL | Path traversal in GLPI barcode plugin | EPSS 52.7%
CVE-2022-35919 | HIGH | Authenticated requests for server update admin API allows path traversal in minio | EPSS 52.3%
CVE-2023-25652 | HIGH | "git apply --reject" partially-controlled arbitrary file write | EPSS 52.2%
CVE-2021-20023 | MEDIUM | SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on th | EPSS 51.4% | KEV