Fallos del tipo CWE-22

4875 resultados
CVE-2026-59196HIGHpnpm: hoisted install imports lockfile alias outside node_modulesEPSS 0.3%CVE-2026-49339HIGHPath traversal in getPlaylist/deletePlaylist bypasses ownership check: any authenticated user can read or delete any other user's playlistEPSS 0.3%CVE-2026-39899MEDIUMCacti: Path Traversal via filename parameter in package_import.phpEPSS 0.3%CVE-2026-6829MEDIUMnesquena hermes-webui Arbitrary Workspace Directory AccessEPSS 0.3%CVE-2024-41938MEDIUMA vulnerability has been identified in SINEC NMS (All versions < V3.0). The importCertificate function of the SINEC NMS Control web applicatEPSS 0.3%CVE-2025-15491MEDIUMPost Slides <= 1.0.1 - Contributor+ Local File InclusionEPSS 0.3%CVE-2026-61431MEDIUMPraisonAI before 4.6.78 Path Traversal via ContextGathererEPSS 0.3%CVE-2025-62851MEDIUMLicense CenterEPSS 0.3%CVE-2026-49246LOWJellyfin: Potential MKV attachment filename path traversal to RCEEPSS 0.3%CVE-2026-10601MEDIUMPath traversal in the Tempo and Loki data source pluginsEPSS 0.3%CVE-2026-48820MEDIUMCakePHP: View::element() is missing a path containment checkEPSS 0.3%CVE-2026-34371MEDIUMLibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename TraversalEPSS 0.3%CVE-2026-8770MEDIUMcontinuedev continue JSON-RPC Server lsTool.ts lsTool path traversalEPSS 0.3%CVE-2026-7766HIGHPath Traversal in Kenik camerasEPSS 0.3%CVE-2026-59195HIGHpnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-configEPSS 0.3%CVE-2026-59194HIGHpnpm: patch-remove could delete project-selected files outside the patches directoryEPSS 0.3%CVE-2025-0694MEDIUMCODESYS Control V3 removable media path traversalEPSS 0.3%CVE-2026-25603MEDIUMPath Traversal vulnerability in Linksys MR9600, Linksys MX4200EPSS 0.3%CVE-2026-35592MEDIUMpyLoad has an Incomplete Tar Path Traversal Fix in UnTar._safe_extractall via os.path.commonprefix BypassEPSS 0.3%CVE-2023-4782MEDIUMTerraform Allows Arbitrary File Write During Init OperationEPSS 0.3%