Falhas do tipo CWE-22
4.856 resultadosCVE-2026-40180HIGHZip Slip Path Traversal in quarkus-openapi-generator ApicurioCodegenWrapper classEPSS 0.4%CVE-2025-3356HIGHIBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operationsEPSS 0.4%CVE-2026-25152MEDIUM@backstage/plugin-techdocs-node vulnerable to possible Path Traversal in TechDocs Local GeneratorEPSS 0.4%CVE-2026-42353HIGHPath traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parametersEPSS 0.4%CVE-2026-31156MEDIUMA path injection vulnerability exists in OpenPLC v3 (2c82b0e79c53f8c1f1458eee15fec173400d6e1a) as the binary program compiled from glue_geneEPSS 0.4%CVE-2025-54021HIGHWordPress Simple File List plugin <= 6.1.14 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2026-32758MEDIUMFile Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination ParameterEPSS 0.4%CVE-2025-10777MEDIUMJSC R7 R7-Office Document Server downloadas path traversalEPSS 0.4%CVE-2026-33949HIGH@tinacms/graphql has Path Traversal that leads to overwrite of arbitrary filesEPSS 0.4%CVE-2025-53081MEDIUMAn 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on thEPSS 0.4%CVE-2026-45807HIGHKestra: Path traversal via URL-encoded "%2E%2E" in execution and namespace file endpoints allows arbitrary file readEPSS 0.4%CVE-2026-49984HIGHKestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)EPSS 0.4%CVE-2026-22737MEDIUMSpring Framework Improper Path Limitation with Script View TemplatesEPSS 0.4%CVE-2023-20229HIGHA vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attackeEPSS 0.4%CVE-2026-22460HIGHWordPress FormGent plugin <= 1.7.0 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-14182MEDIUMSobey Media Convergence System upload path traversalEPSS 0.4%CVE-2024-42408MEDIUMDorsett Controls InfoScan Path TraversalEPSS 0.4%CVE-2026-25228MEDIUMSignalK Server has Path Traversal leading to information disclosureEPSS 0.4%CVE-2025-12002MEDIUMFeeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbitrary File Read via Path TraversalEPSS 0.4%CVE-2026-36760CRITICALAn issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissiEPSS 0.4%