Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-22
Total 6658 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31534 1 Pythonweb Project 1 Pythonweb 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31533 1 Umbral Project 1 Umbral 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31559 1 Flask-yeoman Project 1 Flask-yeoman 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31560 1 Photo Tag Project 1 Photo Tag 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31562 1 Internshipsystem Project 1 Internshipsystem 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31561 1 Sphere Imagebackend Project 1 Sphere Imagebackend 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31564 1 Munhak 1 Munhak-moa 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31563 1 Vprj Project 1 Vprj 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31566 1 Data Stream Algorithm Benchmark Project 1 Data Stream Algorithm Benchmark 2022-07-15 5.0 MEDIUM 8.6 HIGH
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31565 1 Syrabond Project 1 Syrabond 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31502 1 Wormnest Project 1 Wormnest 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The operatorequals/wormnest repository through 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31501 1 Onyxforum Project 1 Onyxforum 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The ChaoticOnyx/OnyxForum repository before 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31506 1 Cmu 1 Opendiamond 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31505 1 Mercadoenlineaback Project 1 Mercadoenlineaback 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31504 1 Baiduwenkuspider Flaskweb Project 1 Baiduwenkuspider Flaskweb 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31508 1 Idayrus 1 E-voting 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31509 1 Iedadata 1 Usap-dc Web Submission And Dataset Search 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31510 1 Simple-rat Project 1 Simple-rat 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The sergeKashkin/Simple-RAT repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31507 1 Ganga Project 1 Ganga 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVE-2022-31514 1 Fan Platform Project 1 Fan Platform 2022-07-15 6.4 MEDIUM 9.3 CRITICAL
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.