Fallos del tipo CWE-434
2819 resultadosCVE-2026-48946MEDIUMJoomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26EPSS 0.2%CVE-2024-47151MEDIUMSome Honor products are affected by file writing vulnerability, successful exploitation could cause code executionEPSS 0.2%CVE-2025-13462LOWtarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handlingEPSS 0.2%CVE-2025-48953MEDIUMUmbraco Vulnerable to By-Pass of Configured Allowed Extensions for File UploadsEPSS 0.2%CVE-2025-47939MEDIUMTYPO3 CMS Vulnerable to Unrestricted File Upload in File Abstraction LayerEPSS 0.2%CVE-2025-24815HIGHAn unrestricted file upload vulnerability in Nokia MantaRay NMEPSS 0.2%CVE-2026-24014CRITICALApache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File WriteEPSS 0.1%CVE-2026-30280MEDIUMAn arbitrary file overwrite vulnerability in RAREPROB SOLUTIONS PRIVATE LIMITED Video player Play All Videos v1.0.135 allows attackers to ovEPSS 0.1%CVE-2026-3219MEDIUMpip doesn't reject concatenated ZIP and tar archivesEPSS 0.1%CVE-2019-25616MEDIUMAnMing MP3 CD Burner 2.0 Local Denial of ServiceEPSS 0.1%CVE-2026-53948MEDIUMGhost: File Upload Content-Type SpoofingEPSS 0.1%CVE-2025-15067HIGHUnrestricted File Upload and RCE in Innorix WPEPSS 0.1%CVE-2026-9157HIGHRemote Code Execution in Gmission Web FAXEPSS 0.1%CVE-2026-23697HIGHVtiger CRM < 8.4.0 Authenticated File Upload RCE via Documents ModuleEPSS —CVE-2026-9182MEDIUMUnvalidated File Upload vulnerability in ArcGIS Server.EPSS —CVE-2026-23698HIGHVtiger CRM 8.4.0 Authenticated RCE via Module Import File UploadEPSS —CVE-2026-55633HIGHDataEase H2 RCE via Zip Protocol & File Dropper Fix bypassEPSS —CVE-2026-42145LOWCoolify: File Upload Without Type or Size Validation in Database Backup RestoreEPSS —CVE-2026-14345CRITICALWPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' ParameterEPSS —