Fallos del tipo CWE-22
4730 resultadosCVE-2007-5927HIGHDirectory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents vEPSS 4.0%CVE-2020-7478—A CWE-22: Improper Limitation of a Pathname to a Restricted Directory exists in IGSS (Versions 14 and prior using the service: IGSSupdate), EPSS 4.0%CVE-2016-7041MEDIUMDrools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory EPSS 4.0%CVE-2024-39722HIGHAn issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on which it is deployed via path traversal in thEPSS 3.9%CVE-2026-2493HIGHIceWarp collaboration Directory Traversal Information Disclosure VulnerabilityEPSS 3.9%CVE-2019-12691MEDIUMCisco Firepower Management Center Directory Traversal VulnerabilityEPSS 3.9%CVE-2022-25371—Unauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBizEPSS 3.9%CVE-2021-21102HIGHAdobe Illustrator DOCX file parsing directory traversal vulnerability could lead to remote code executionEPSS 3.9%CVE-2025-2749HIGHKentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCEEPSS 3.9%KEVCVE-2017-12694—A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to performEPSS 3.8%CVE-2019-1854MEDIUMCisco Expressway Series Directory Traversal VulnerabilityEPSS 3.8%CVE-2025-71210CRITICALA vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands oEPSS 3.8%CVE-2021-43831HIGHFiles on the host computer can be accessed from the Gradio interfaceEPSS 3.8%CVE-2024-3234CRITICALPath Traversal in gaizhenbiao/chuanhuchatgptEPSS 3.8%CVE-2025-71211CRITICALA vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands oEPSS 3.8%CVE-2017-6758—A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker tEPSS 3.8%CVE-2021-40525—Sieve file storage vulnerable to path traversal attacksEPSS 3.7%CVE-2022-39045HIGHA file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HEPSS 3.7%CVE-2022-32573CRITICALA directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafEPSS 3.7%CVE-2026-7411CRITICALIn Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauEPSS 3.7%