Fallos del tipo CWE-22

4873 resultados
CVE-2026-41693HIGHi18next-fs-backend: Path traversal via unsanitised lng/ns allows arbitrary file read/overwriteEPSS 0.3%CVE-2026-2216MEDIUMrachelos WeRSS we-mp-rss tools.py download_export_file path traversalEPSS 0.3%CVE-2026-7185MEDIUMUnauthorized access to files in T-Systems productsEPSS 0.3%CVE-2026-54286MEDIUMHono: Path traversal in `serve-static` on Windows via encoded backslash (`%5C`)EPSS 0.3%CVE-2026-55092HIGHTrivy: Path traversal via a crafted vulnerability database or other downloaded artifactsEPSS 0.3%CVE-2025-42970MEDIUMDirectory Traversal vulnerability in SAPCAREPSS 0.3%CVE-2026-56448HIGHAuthenticated Path Traversal in AIL Framework Investigation Downloads Allows Arbitrary File ReadEPSS 0.3%CVE-2026-39306HIGHPraisonAI recipe registry pull path traversal writes files outside the chosen output directoryEPSS 0.3%CVE-2025-63680HIGHNero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecEPSS 0.3%CVE-2026-32262MEDIUMCraft CMS has a Path Traversal Vulnerability in AssetsControllerEPSS 0.3%CVE-2026-27800HIGHZed has Zip Slip Path Traversal in Extension Archive ExtractionEPSS 0.3%CVE-2025-6210MEDIUMHardlink-Based Path Traversal in run-llama/llama_indexEPSS 0.3%CVE-2025-49089MEDIUMwangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd.EPSS 0.3%CVE-2024-40712HIGHA path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege esEPSS 0.3%CVE-2025-36597MEDIUMDell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path TraveEPSS 0.3%CVE-2025-65076HIGHArbitrary File Read and Delete via Path Traversal in WaveStore ServerEPSS 0.3%CVE-2026-46397MEDIUMhaxcms-php Local File Inclusion via saveOutline API Location Parameter v2.0EPSS 0.3%CVE-2026-7715MEDIUMravenwits mcp-server-arangodb MCP tools.ts arango_backup path traversalEPSS 0.3%CVE-2026-7738MEDIUMpuchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversalEPSS 0.3%CVE-2026-26960HIGHnode-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in ExtractionEPSS 0.3%