Lucene search
K

7 matches found

Nuclei
Nuclei
added 12 hours ago26 views

Piano LED Visualizer 1.3 - Local File Inclusion

Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion. id: CVE-2022-24900 info: name: Piano LED Visualizer 1.3 - Local File Inclusion author: 0xAkoko severity: high description: | Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion. impact: | An attacker...

9.9CVSS7.2AI score0.08038EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/02/05 9:53 p.m.7 views

CVE-2022-24900

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...

9.9CVSS6.7AI score0.08038EPSS
Exploits1References1
Circl
Circl
added 2022/04/29 6:24 p.m.5 views

CVE-2022-24900

creationtimestamp| type| source ---|---|--- 2022-04-29 18:24:30+00:00| published-proof-of-concept| https://t.me/cibsecurity/41658...

9.9CVSS8.1AI score0.08038EPSS
Exploits1References1
NVD
NVD
added 2022/04/29 2:15 p.m.9 views

CVE-2022-24900

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...

9.9CVSS0.08038EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/04/29 1:50 p.m.6 views

CVE-2022-24900 Absolute Path Traversal due to incorrect use of `send_file` call in Piano LED Visualizer

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...

9.9CVSS9.7AI score0.08038EPSS
Exploits1References5
OSV
OSV
added 2022/04/29 1:50 p.m.15 views

CVE-2022-24900 Absolute Path Traversal due to incorrect use of `send_file` call in Piano LED Visualizer

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...

9.9CVSS8.3AI score0.08038EPSS
Exploits1References7
CVE
CVE
added 2022/04/29 1:50 p.m.204 views

CVE-2022-24900

CVE-2022-24900 affects Piano LED Visualizer 1.3 and earlier, where an insecure os.path.join allows path traversal when combined with untrusted input. If an absolute path is supplied, os.path.join discards the prior path and passes the result to flask.send_file, enabling access to unintended files...

9.9CVSS8.7AI score0.08038EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder