Falhas do tipo CWE-22
4.856 resultadosCVE-2025-8559MEDIUMAll in One Music Player <= 1.3.1 - Authenticated (Contributor+) Path Traversal via theme ParameterEPSS 0.4%CVE-2023-30584HIGHA vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improEPSS 0.4%CVE-2026-0669HIGHPath Traversal vulnerability in CSS extension on certain web serversEPSS 0.4%CVE-2023-31167MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.4%CVE-2026-40157CRITICALPraisonAI affected by arbitrary file write via path traversal in `praisonai recipe unpack`EPSS 0.4%CVE-2026-53777HIGHPerry < 0.5.1159 Path Traversal via ArtifactReady WebSocketEPSS 0.4%CVE-2024-43395HIGHCraftOS-PC 2's improperly sanitizied paths cause filesystem escape (Windows)EPSS 0.4%CVE-2025-35053MEDIUMNewforma Info Exchange (NIX) arbitrary file read and deleteEPSS 0.4%CVE-2026-54293HIGHNLTK: URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File ReadEPSS 0.4%CVE-2025-60915HIGHAn issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execEPSS 0.4%CVE-2026-55469MEDIUMSnipe-IT: Path traversal vulnerability via CSV import `image` fieldEPSS 0.4%CVE-2026-15331MEDIUMzhayujie CowAgent Skill Installation service.py _add_package path traversalEPSS 0.4%CVE-2026-3089MEDIUMActual Sync Server 26.2.1 - Authenticated Path TraversalEPSS 0.4%CVE-2026-56122HIGHWinstone Servlet Engine 0.9.10 Path Traversal via HTTP Request PathsEPSS 0.4%CVE-2025-32018HIGHArbitrary file write from Cursor Agent through a prompt injection from malicious @DocsEPSS 0.4%CVE-2025-48017CRITICALImproper Limitation of a Pathname to a Restricted DirectoryEPSS 0.4%CVE-2023-34217HIGHSecond Order Command-injection Vulnerability in the Certificate-delete FunctionEPSS 0.4%CVE-2023-49801MEDIUMLif Auth Server vulnerable to uncontrolled data in path expression EPSS 0.4%CVE-2025-7108MEDIUMrisesoft-y9 Digital-Infrastructure Y9FileController.java deleteFile path traversalEPSS 0.4%CVE-2023-51651MEDIUMPotential URI resolution path traversal in the AWS SDK for PHPEPSS 0.4%