Falhas do tipo CWE-22
4.786 resultadosCVE-2024-21542HIGHVersions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destinatEPSS 1.1%CVE-2023-20220HIGHMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 1.1%CVE-2024-31801HIGHDirectory Traversal vulnerability in NEXSYS-ONE before v.Rev.15320 allows a remote attacker to obtain sensitive information via a crafted reEPSS 1.1%CVE-2023-6753CRITICALPath Traversal in mlflow/mlflowEPSS 1.1%CVE-2026-5436HIGHMW WP Form <= 5.1.1 - Unauthenticated Arbitrary File Move via regenerate_upload_file_keysEPSS 1.1%CVE-2018-10917MEDIUMpulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to lEPSS 1.1%CVE-2022-28981HIGHPath traversal vulnerability in the Hypermedia REST APIs module in Liferay Portal 7.4.0 through 7.4.2 allows remote attackers to access fileEPSS 1.1%CVE-2019-25053HIGHA path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote unauthenticated attackers to access files ouEPSS 1.1%CVE-2021-21284MEDIUMprivilege escalation in MobyEPSS 1.1%CVE-2025-6807MEDIUMMarvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure VulnerabilityEPSS 1.1%CVE-2023-26969HIGHAtropim 1.5.26 is vulnerable to Directory Traversal.EPSS 1.1%CVE-2025-6795MEDIUMMarvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure VulnerabilityEPSS 1.1%CVE-2026-21440CRITICALAdonisJS Path Traversal in Multipart File HandlingEPSS 1.1%CVE-2022-4880MEDIUMstakira OpenUtau ZIP Archive VoicebankInstaller.cs VoicebankInstaller path traversalEPSS 1.1%CVE-2023-38702CRITICALKnowage Server vulnerable to path traversal via upload functionalityEPSS 1.1%CVE-2022-36065HIGHGrowthBook account creation and file upload vulnerability in self-hosted configurationsEPSS 1.1%CVE-2020-5720—MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of arbitrary files wherevere WinBox has wriEPSS 1.1%CVE-2022-45388HIGHJenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated EPSS 1.1%CVE-2024-46376CRITICALBest House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/EPSS 1.1%CVE-2012-10024HIGHXBMC ≤ 11.0 Web Server Path TraversalEPSS 1.1%