Falhas do tipo CWE-22
4.840 resultadosCVE-2026-39861HIGHClaude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside WorkspaceEPSS 0.5%CVE-2025-69376HIGHWordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-68912HIGHWordPress HDForms plugin <= 1.6.1 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2024-6949MEDIUMGargaj wuhu path traversalEPSS 0.5%CVE-2025-3317MEDIUMfumiao opencms dataPage.jsp path traversalEPSS 0.5%CVE-2024-54291HIGHWordPress PluginPass plugin <= 0.9.10 - Arbitrary File Download/Delete vulnerabilityEPSS 0.5%CVE-2025-65345MEDIUMalexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The zip/archiving functionality allows an attacker to cEPSS 0.5%CVE-2025-11002HIGH7-Zip ZIP File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 0.5%CVE-2025-60969MEDIUMDirectory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0076-000 Ver 4.00 allows attackers toEPSS 0.5%CVE-2026-2111MEDIUMJeecgBoot Retrieval-Augmented Generation edit path traversalEPSS 0.5%CVE-2026-2692MEDIUMCoCoTeaNet CyreneAdmin Image getAvatar path traversalEPSS 0.5%CVE-2026-11431HIGHPath Traversal in Altium Projects Service Allows Arbitrary File ReadEPSS 0.5%CVE-2024-30492MEDIUMWordPress Export and Import Users and Customers plugin <= 2.5.2 - Path Traversal vulnerabilityEPSS 0.5%CVE-2025-59343HIGHtar-fs has a symlink validation bypass if destination directory is predictable with a specific tarballEPSS 0.5%CVE-2026-32727HIGHSciTokens: Authorization Bypass via Path Traversal in Scope ValidationEPSS 0.5%CVE-2025-27785HIGHApplio allows arbitrary file read in train.py export_index functionEPSS 0.5%CVE-2025-1127CRITICALCombination Path Traversal and Concurrent Execution vulnerability exists within the embedded web serverEPSS 0.5%CVE-2024-33870MEDIUMAn issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary fileEPSS 0.5%CVE-2025-9693HIGHUser Meta – User Profile Builder and User management plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.5%CVE-2025-27142MEDIUMLocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commandsEPSS 0.5%