Falhas do tipo CWE-22
4.653 resultadosCVE-2020-27871HIGHThis vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. AlthouEPSS 90.4%CVE-2019-7195CRITICALThis external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability,EPSS 89.7%KEVCVE-2024-37032HIGHOllama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandlesEPSS 89.6%CVE-2022-24716HIGHPath traversal in Icinga Web 2EPSS 89.4%CVE-2021-43798HIGHGrafana path traversalEPSS 88.8%KEVCVE-2022-37042CRITICALZimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypaEPSS 88.3%KEVCVE-2024-36104CRITICALApache OFBiz: Path traversal leading to a RCEEPSS 87.9%CVE-2024-1708HIGHImproper limitation of a pathname to a restricted directory (“path traversal”)EPSS 87.6%KEVCVE-2022-31706CRITICALThe vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operatiEPSS 87.1%CVE-2025-6218HIGHRARLAB WinRAR Directory Traversal Remote Code Execution VulnerabilityEPSS 86.2%KEVCVE-2020-11652MEDIUMAn issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to EPSS 86.1%KEVCVE-2024-1728HIGHLocal File Inclusion in gradio-app/gradioEPSS 85.4%CVE-2019-3799—Directory Traversal with spring-cloud-config-serverEPSS 85.3%CVE-2023-41266HIGHA path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 aEPSS 85.0%KEVCVE-2023-38950HIGHA path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplEPSS 84.9%KEVCVE-2023-32164HIGHD-Link D-View TftpSendFileThread Directory Traversal Information Disclosure VulnerabilityEPSS 84.9%CVE-2023-40502HIGHLG Simple Editor cropImage Directory Traversal Arbitrary File Deletion VulnerabilityEPSS 84.4%CVE-2023-40492HIGHLG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion VulnerabilityEPSS 84.4%CVE-2023-40494HIGHLG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion VulnerabilityEPSS 84.4%CVE-2015-3035HIGHDirectory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0)EPSS 83.8%KEV