Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31540 Path Traversal vulnerability in Hin-Eng-Preprocessing Project Hin-Eng-Preprocessing 20190716
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
hin-eng-preprocessing-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31541 Path Traversal vulnerability in Barry Voice Assistant Project Barry Voice Assistant 20210118
The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
barry-voice-assistant-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31542 Path Traversal vulnerability in Mdweb Project Mdweb 20150507
The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mdweb-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31543 Path Traversal vulnerability in Setupbox Project Setupbox 1.0
The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
setupbox-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31544 Path Traversal vulnerability in Xtomo Robo-Tom
The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
xtomo CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31545 Path Traversal vulnerability in Modelconverter Project Modelconverter 20210426
The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
modelconverter-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31546 Path Traversal vulnerability in Glance Project Glance 20140627
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
glance-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31547 Path Traversal vulnerability in Sphere Project Sphere 20200531
The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
sphere-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31548 Path Traversal vulnerability in Homepage Project Homepage 20170306
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
homepage-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31549 Path Traversal vulnerability in Helm-Flask-Celery Project Helm-Flask-Celery
The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
helm-flask-celery-project CWE-22
critical
 9.3
9.3