Fallos del tipo CWE-22

4853 resultados
CVE-2024-39688MEDIUMfishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config functionEPSS 0.5%CVE-2024-55401MEDIUMAn issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.EPSS 0.5%CVE-2026-8442HIGHWP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) Arbitrary File Deletion via 'myaction' ParameterEPSS 0.5%CVE-2024-9575HIGHLocal File Inclusion in pretix-widget WordPress pluginEPSS 0.5%CVE-2018-3770A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the locEPSS 0.5%CVE-2026-7784MEDIUMRTGS2017 NagaAgent Skills Endpoint extensions.py path traversalEPSS 0.5%CVE-2026-49128HIGHMusic Player Daemon < 0.24.11 Path Traversal via LocalStorage URI HandlingEPSS 0.5%CVE-2024-41726HIGHPath traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary eEPSS 0.5%CVE-2025-29787HIGHzip Vulnerable to Incorrect Path Canonicalization During Archive Extraction, Leading to Arbitrary File WriteEPSS 0.5%CVE-2026-33656CRITICALEspoCRM vulnerable to authenticated RCE via Formula with path traversal in attachment `sourceId`, exploitable by admin userEPSS 0.5%CVE-2026-25869MEDIUMMiniGal Nano <= 0.3.5 Path Traversal via dir ParameterEPSS 0.5%CVE-2025-26752HIGHWordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2023-40026MEDIUMPath traversal allows leaking out-of-bound Helm charts from Argo CD repo-serverEPSS 0.5%CVE-2026-48866CRITICALWordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2023-46784HIGHWordPress ICS Calendar plugin <= 10.12.0.3 - SSRF and Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2020-37086MEDIUMEasy Transfer 1.7 for iOS - Directory TraversalEPSS 0.5%CVE-2022-2184CAPTCHA 4WP < 7.1.0 - Local File Inclusion via CSRFEPSS 0.5%CVE-2025-48744MEDIUMIn SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution.EPSS 0.5%CVE-2024-23607MEDIUMF5OS QKView utility vulnerabilityEPSS 0.5%CVE-2025-41755MEDIUMArbitrary Read with ubr-logreadEPSS 0.5%