CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 10:48 a.m.•2 views

CVE-2022-31539

The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.00432EPSS

Exploits1References1

NVD•added 2022/07/11 1:15 a.m.•8 views

CVE-2022-31579

The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS0.00432EPSS

Exploits0References1

Prion•added 2022/07/11 1:15 a.m.•6 views

Path traversal

The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

6.4CVSS9.3AI score0.00432EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2022/04/29 12:0 a.m.•2 views

PT-2022-16970 · Flask +1 · Flask +1

Name of the Vulnerable Software and Affected Versions: Piano LED Visualizer versions 1.3 and prior Description: The issue concerns a path traversal attack. The os.path.join call is unsafe for use with untrusted input, as it ignores all parameters encountered before an absolute path and starts...

9.9CVSS8.5AI score0.73295EPSS

Exploits1References8

OSV•added 2021/01/26 6:16 p.m.•0 views

CVE-2021-25864

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

7.5CVSS7.2AI score0.56956EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by