Weaknesses of type CWE-434
2,825 resultsCVE-2022-2791MEDIUMEmerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, EPSS 0.2%CVE-2025-24862LOWUnrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User ApplicEPSS 0.2%CVE-2025-55251LOWHCL AION is affected by an Unrestricted File Upload vulnerabilityEPSS 0.2%CVE-2026-42538MEDIUMIRIS has an Insecure File UploadEPSS 0.2%CVE-2026-46426HIGHBudibase: Unrestricted Upload of File with Dangerous TypeEPSS 0.2%CVE-2025-51736MEDIUMFile upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.EPSS 0.2%CVE-2026-27146HIGHGetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary UploadsEPSS 0.2%CVE-2024-28520MEDIUMFile Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an atEPSS 0.2%CVE-2024-47151MEDIUMSome Honor products are affected by file writing vulnerability, successful exploitation could cause code executionEPSS 0.2%CVE-2023-31428MEDIUMCLI allows upload or transfer files of dangerous typesEPSS 0.2%CVE-2026-48946MEDIUMJoomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26EPSS 0.2%CVE-2025-13462LOWtarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handlingEPSS 0.2%CVE-2025-48953MEDIUMUmbraco Vulnerable to By-Pass of Configured Allowed Extensions for File UploadsEPSS 0.2%CVE-2025-47939MEDIUMTYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction LayerEPSS 0.2%CVE-2025-24815HIGHAn unrestricted file upload vulnerability in Nokia MantaRay NMEPSS 0.2%CVE-2026-30280MEDIUMAn arbitrary file overwrite vulnerability in RAREPROB SOLUTIONS PRIVATE LIMITED Video player Play All Videos v1.0.135 allows attackers to ovEPSS 0.1%CVE-2026-3219MEDIUMpip doesn't reject concatenated ZIP and tar archivesEPSS 0.1%CVE-2019-25616MEDIUMAnMing MP3 CD Burner 2.0 Local Denial of ServiceEPSS 0.1%CVE-2026-53948MEDIUMGhost: File Upload Content-Type SpoofingEPSS 0.1%CVE-2025-15067HIGHUnrestricted File Upload and RCE in Innorix WPEPSS 0.1%