Falhas do tipo CWE-22

4.856 resultados
CVE-2025-67819MEDIUMAn issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer logic, an attacker EPSS 0.4%CVE-2025-7896MEDIUMharry0703 MoneyPrinterTurbo video.py delete_video path traversalEPSS 0.4%CVE-2025-48273HIGHWordPress WP Job Portal plugin <= 2.3.2 - Arbitrary File Download VulnerabilityEPSS 0.4%CVE-2026-28786MEDIUMOpen WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions`EPSS 0.4%CVE-2026-0394MEDIUMWhen dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added EPSS 0.4%CVE-2025-48130HIGHWordPress Spice Blocks plugin <= 2.0.7.4 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2024-45604MEDIUMDirectory traversal in the file selector widget in contao/core-bundleEPSS 0.4%CVE-2026-35492MEDIUMKedro-Datasets has a path traversal vulnerability in PartitionedDataset allows arbitrary file writeEPSS 0.4%CVE-2025-6108MEDIUMhansonwang99 Spring-Boot-In-Action File Upload ImageUploadService.java watermarkTest path traversalEPSS 0.4%CVE-2025-66251HIGHUnauthenticated Path Traversal with Arbitrary File DeletionEPSS 0.4%CVE-2026-7159MEDIUMdouinc mkdocs-mcp-plugin server.py list_documents path traversalEPSS 0.4%CVE-2025-47535HIGHWordPress Opal Woo Custom Product Variation plugin <= 1.2.0 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-24125MEDIUMPath Traversal in @tinacms/graphqlEPSS 0.4%CVE-2025-61586MEDIUMFreshRSS is vulnerable to directory enumeration by setting path in its theme fieldEPSS 0.4%CVE-2026-28462HIGHOpenClaw < 2026.2.13 - Path Traversal in Trace and Download Output PathsEPSS 0.4%CVE-2025-54819HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:EPSS 0.4%CVE-2025-59744HIGHMultiple vulnerabilities in AndSoft's e-TMSEPSS 0.4%CVE-2025-11016MEDIUMkalcaddle kodbox index.class.php fileOut path traversalEPSS 0.4%CVE-2026-7272MEDIUMWilliamCloudQi matlab-mcp-server MCP index.ts execute_matlab_code path traversalEPSS 0.4%CVE-2026-44716HIGHPipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded SeparatorEPSS 0.4%