Falhas do tipo CWE-22
4.725 resultadosCVE-2021-3762—A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted containeEPSS 4.5%CVE-2021-21501—ServiceComb ServiceCenter Directory TraversalEPSS 4.4%CVE-2026-42048CRITICALLangflow: Path Traversal in Langflow Knowledge Bases APIEPSS 4.4%CVE-2016-9484—PHP FormMail Generator generates PHP code for standard web forms, and the code generated does not properly validate user input folder directories and is vulnerable to path traversalEPSS 4.4%CVE-2023-6015CRITICALMLflow Arbitrary File UploadEPSS 4.4%CVE-2020-27870HIGHThis vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1EPSS 4.3%CVE-2025-34045HIGHWeiPHP Path Traversal Arbitrary File ReadEPSS 4.3%CVE-2020-6110HIGHAn exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snEPSS 4.3%CVE-2024-9362HIGHDirectory Traversal in polyaxon/polyaxonEPSS 4.2%CVE-2021-3924HIGHPath Traversal in getgrav/gravEPSS 4.2%CVE-2017-16598—This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems EntEPSS 4.2%CVE-2017-16606—This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems EnterpEPSS 4.2%CVE-2025-44177HIGHA directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpEPSS 4.2%CVE-2022-46945CRITICALNagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.EPSS 4.1%CVE-2018-10589—In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prioEPSS 4.1%CVE-2021-3907HIGHArbitrary filepath traversal via URI injectionEPSS 4.1%CVE-2023-33510HIGHJeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.EPSS 4.0%CVE-2023-39912MEDIUMZoho ManageEngine ADManager Plus before 7203 allows Help Desk Technician users to read arbitrary files on the machine where this product is EPSS 4.0%CVE-2019-10185HIGHIt was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. EPSS 4.0%CVE-2019-7483HIGHIn SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the preseEPSS 4.0%KEV