Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31576 | 1 Shackerpanel Project | 1 Shackerpanel | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31575 | 1 Livro Python Project | 1 Livro Python | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31574 | 1 Realestate Project | 1 Realestate | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31573 | 1 Chainer | 1 Chainerrl-visualizer | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31572 | 1 Cockybook Project | 1 Cockybook | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31571 | 1 Python-flask-restful-api Project | 1 Python-flask-restful-api | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31570 | 1 Ceneo-web-scrapper Project | 1 Ceneo-web-scrapper | 2022-07-15 | 7.5 HIGH | 9.8 CRITICAL |
| The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-32061 | 1 Snipeitapp | 1 Snipe-it | 2022-07-15 | 3.5 LOW | 4.8 MEDIUM |
| An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2022-33103 | 1 Denx | 1 U-boot | 2022-07-15 | 4.6 MEDIUM | 7.8 HIGH |
| Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). | |||||
| CVE-2022-24139 | 1 Iobit | 1 Advanced System Care | 2022-07-15 | 7.2 HIGH | 7.8 HIGH |
| In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used. | |||||
| CVE-2022-31568 | 1 Rexians | 1 Rex-web | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31556 | 1 Trainenergyserver Project | 1 Trainenergyserver | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31555 | 1 Nurse Quest Project | 1 Nurse Quest | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31554 | 1 Movie-review-sentiment-analysis Project | 1 Movie-review-sentiment-analysis | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31553 | 1 Sleep Learner Project | 1 Sleep Learner | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31552 | 1 Anuvaad-corpus Project | 1 Anuvaad-corpus | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31551 | 1 Flask-mongo-skel Project | 1 Flask-mongo-skel | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31550 | 1 Python Athena Stack Project | 1 Python Athena Stack | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31549 | 1 Helm-flask-celery Project | 1 Helm-flask-celery | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||
| CVE-2022-31548 | 1 Homepage Project | 1 Homepage | 2022-07-15 | 6.4 MEDIUM | 9.3 CRITICAL |
| The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | |||||