2030 matches found
CVE-2022-31525
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31534
The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31547
The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31521
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31574
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31503
The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31530
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31585
The umeshpatil-dev/Homeinternet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31567
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31505
The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31541
The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2020-10875
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp...
CVE-2023-4172
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...
CVE-2023-25050
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Vova Anokhin Shortcodes Ultimate allows Absolute Path Traversal.This issue affects Shortcodes Ultimate: from n/a through 5.12.6...
CVE-1999-0882
Falcon web server allows remote attackers to determine the absolute path of the web root via long file names...
CVE-2025-15237
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
SUSE CVE-2025-67818
An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craft an entry name with an absolute path e.g., /etc/... or use parent directory traversal ../../.. to escape the restore root when a backup is restored, potentially creating or...
AZL-73526 CVE-2025-69226 affecting package python-aiohttp 3.6.2-3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...
CVE-2025-69226
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...