Falhas do tipo CWE-22

4.857 resultados
CVE-2026-47368HIGHA malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtaiEPSS 0.4%CVE-2026-39468MEDIUMWordPress Meta Box – WordPress Custom Fields Framework plugin <= 5.11.1 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2023-43802HIGHPath traversal in Arduino Create AgentEPSS 0.4%CVE-2026-44705HIGHtmp: Path Traversal via unsanitized prefix/postfix enables directory escapeEPSS 0.4%CVE-2025-31411MEDIUMWordPress Linet ERP-Woocommerce Integration plugin <= 3.5.12 - Arbitrary File Read/Deletion vulnerabilityEPSS 0.4%CVE-2024-56179HIGHIn MindManager Windows versions prior to 24.1.150, attackers could potentially write to unexpected directories in victims' machines via direEPSS 0.4%CVE-2026-25328MEDIUMWordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2024-39178MEDIUMMyPower vc8100 V100R001C00B030 was discovered to contain an arbitrary file read vulnerability via the component /tcpdump/tcpdump.php?menu_uuEPSS 0.4%CVE-2026-3029HIGHCVE-2026-3029EPSS 0.4%CVE-2023-0593MEDIUMPath traversal in yaffshivEPSS 0.4%CVE-2026-32147MEDIUMSFTP chroot bypass via path traversal in SSH_FXP_FSETSTATEPSS 0.4%CVE-2025-13875MEDIUMYohann0617 oci-helper OCI Configuration Upload OciServiceImpl.java addCfg path traversalEPSS 0.4%CVE-2025-64346MEDIUMarchives: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.4%CVE-2026-28078MEDIUMWordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-64485MEDIUMCVAT: Mounted share file overwrite via crafted requestEPSS 0.4%CVE-2025-68862HIGHWordPress Woo File Dropzone plugin <= 1.1.7 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-42574HIGHapko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build rootEPSS 0.4%CVE-2026-44641HIGHMicrosoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during installEPSS 0.4%CVE-2024-11615MEDIUMEnvolve Plugin <= 1.0 - Unauthenticated Language File DeletionEPSS 0.4%CVE-2026-52716MEDIUMWordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerabilityEPSS 0.4%