Export limit exceeded: 336746 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8521 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-31519 | 1 Windmill Project | 1 Windmill | 2024-11-21 | 9.3 Critical |
| The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31518 | 1 Python-recipe-database Project | 1 Python-recipe-database | 2024-11-21 | 9.3 Critical |
| The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31517 | 1 Mercury Sample Manager Project | 1 Mercury Sample Manager | 2024-11-21 | 9.3 Critical |
| The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31516 | 1 Harveyzyh Python Project | 1 Harveyzyh Python | 2024-11-21 | 9.3 Critical |
| The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31515 | 1 Carceresbe Project | 1 Carceresbe | 2024-11-21 | 9.3 Critical |
| The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31514 | 1 Fan Platform Project | 1 Fan Platform | 2024-11-21 | 9.3 Critical |
| The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31513 | 1 Krypton Project | 1 Krypton | 2024-11-21 | 9.3 Critical |
| The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31512 | 1 Flask-mvc Project | 1 Flask-mvc | 2024-11-21 | 9.3 Critical |
| The Atom02/flask-mvc repository through 2020-09-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31511 | 1 Equanimity Project | 1 Equanimity | 2024-11-21 | 9.3 Critical |
| The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31510 | 1 Simple-rat Project | 1 Simple-rat | 2024-11-21 | 9.3 Critical |
| The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31509 | 1 Iedadata | 1 Usap-dc Web Submission And Dataset Search | 2024-11-21 | 9.3 Critical |
| The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31508 | 1 Idayrus | 1 E-voting | 2024-11-21 | 9.3 Critical |
| The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31507 | 1 Ganga Project | 1 Ganga | 2024-11-21 | 9.3 Critical |
| The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31506 | 1 Cmu | 1 Opendiamond | 2024-11-21 | 9.3 Critical |
| The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31505 | 1 Mercadoenlineaback Project | 1 Mercadoenlineaback | 2024-11-21 | 9.3 Critical |
| The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31504 | 1 Baiduwenkuspider Flaskweb Project | 1 Baiduwenkuspider Flaskweb | 2024-11-21 | 9.3 Critical |
| The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31503 | 1 Orchest | 1 Orchest | 2024-11-21 | 9.3 Critical |
| The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31502 | 1 Wormnest Project | 1 Wormnest | 2024-11-21 | 9.3 Critical |
| The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31501 | 1 Onyxforum Project | 1 Onyxforum | 2024-11-21 | 9.3 Critical |
| The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31483 | 2 Carrier, Hidglobal | 28 Lenels2 Lnl-4420, Lenels2 Lnl-4420 Firmware, Lenels2 Lnl-x2210 and 25 more | 2024-11-21 | 9.1 Critical |
| An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlaying Linux operating system with root privileges. | ||||