Fallos del tipo CWE-22
4857 resultadosCVE-2025-59819MEDIUMAuthenticated Arbitrary File Read via filepath parameterEPSS 0.4%CVE-2026-41589CRITICALWish has SCP Path Traversal that allows arbitrary file read/writeEPSS 0.4%CVE-2026-41193CRITICALFreeScout has Zip Slip path traversal in module installation that allows arbitrary file write leading to RCEEPSS 0.4%CVE-2025-59381MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2025-28980HIGHWordPress Aviation Weather from NOAA plugin <= 0.7.2 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-45279MEDIUMNextcloud: Limited path traversal via template API if using `{lang}` in configEPSS 0.4%CVE-2026-35605MEDIUMFile Browser has an access rule bypass via HasPrefix without trailing separator in path matchingEPSS 0.4%CVE-2026-24717LOWQTS, QuTS heroEPSS 0.4%CVE-2025-24765HIGHWordPress Image Shadow plugin <= 1.1.0 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-44373MEDIUMNitro: Proxy scope bypass via percent-encoded path traversal in `routeRules`EPSS 0.4%CVE-2024-9675HIGHBuildah: buildah allows arbitrary directory mountEPSS 0.4%CVE-2026-22685HIGHDevToys Path Traversal (“Zip Slip”) Vulnerability in DevToys Extension InstallationEPSS 0.4%CVE-2025-33004MEDIUMIBM Planning Analytics Local path traversalEPSS 0.4%CVE-2025-8749MEDIUMPath traversal vulnerability in MiR robot software via API requestsEPSS 0.4%CVE-2026-6282HIGHA potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remoteEPSS 0.4%CVE-2025-60217HIGHWordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2025-11842MEDIUMShazwazza Smidge Bundle path traversalEPSS 0.4%CVE-2024-25156MEDIUMPath traversal in GoAnywhere MFT 7.4.1 and EarlierEPSS 0.4%CVE-2025-58959HIGHWordPress Taskbot plugin <= 6.4 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-13070MEDIUMCSV to SortTable <= 4.2 - Contributor+ LFIEPSS 0.4%