Fallos del tipo CWE-22

4790 resultados
CVE-2022-38196MEDIUMBUG-000150537 - ArcGIS Server has a local file inclusion (LFI) vulnerabilityEPSS 1.0%CVE-2024-39330MEDIUMAn issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base clasEPSS 1.0%CVE-2025-9566HIGHPodman: podman kube play command may overwrite host filesEPSS 1.0%CVE-2024-8671CRITICALWooEvents <= 4.1.2 - Unauthenticated Arbitrary File OverwriteEPSS 1.0%CVE-2022-46171MEDIUMTauri vulnerable to path traversalEPSS 1.0%CVE-2024-5147CRITICALWPZOOM Addons for Elementor (Templates, Widgets) <= 1.1.37 - Unauthenticated Local File InclusionEPSS 1.0%CVE-2022-0673A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal.EPSS 1.0%CVE-2024-34060HIGHArbitrary File Write in IRIS EVTX PipelineEPSS 1.0%CVE-2022-36113MEDIUMExtracting malicious crates can corrupt arbitrary filesEPSS 1.0%CVE-2024-6707HIGHOpen WebUI Arbitrary File Upload + Path TraversalEPSS 1.0%CVE-2025-32779MEDIUMlabsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import FunctionEPSS 1.0%CVE-2023-45686HIGHArbitrary file write via WebDAV path traversal in Titan MFT and Titan SFTP serversEPSS 1.0%CVE-2024-5153CRITICALStartklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory DeletionEPSS 1.0%CVE-2023-48166HIGHA directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attackEPSS 1.0%CVE-2025-2328HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.7 - Unauthenticated Arbitrary File DeletionEPSS 1.0%CVE-2024-34033HIGHPath Traversal vulnerability in Delta Electronics DIAEnergie EPSS 1.0%CVE-2023-30620HIGHArbitrary File Write when Extracting a Remotely retrieved Tarball in mindsdb/mindsdbEPSS 1.0%CVE-2023-30852MEDIUMPimcore Arbitrary File Read in Admin JS CSS filesEPSS 1.0%CVE-2023-23169MEDIUMSynapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal.EPSS 1.0%CVE-2021-33725A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to delete arbitrary files orEPSS 1.0%