Export limit exceeded: 336322 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8496 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32085 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. | ||||
| CVE-2022-32084 | 4 Debian, Fedoraproject, Mariadb and 1 more | 5 Debian Linux, Fedora, Mariadb and 2 more | 2024-11-21 | 7.5 High |
| MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. | ||||
| CVE-2022-32083 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker. | ||||
| CVE-2022-32081 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | ||||
| CVE-2022-31836 | 1 Beego | 1 Beego | 2024-11-21 | 9.8 Critical |
| The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcardvalues which can lead to cross directory risk. | ||||
| CVE-2022-31793 | 2 Arris, Inglorion | 13 Bgw210, Bgw210 Firmware, Bgw320 and 10 more | 2024-11-21 | 7.5 High |
| do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. | ||||
| CVE-2022-31662 | 3 Linux, Microsoft, Vmware | 6 Linux Kernel, Windows, Access Connector and 3 more | 2024-11-21 | 7.5 High |
| VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files. | ||||
| CVE-2022-31588 | 1 Testplatform Project | 1 Testplatform | 2024-11-21 | 9.3 Critical |
| The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31587 | 1 Kg-fashion-chatbot Project | 1 Kg-fashion-chatbot | 2024-11-21 | 9.3 Critical |
| The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31586 | 1 Changepop-back Project | 1 Changepop-back | 2024-11-21 | 9.3 Critical |
| The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31585 | 1 Home Internet Project | 1 Home Internet | 2024-11-21 | 9.3 Critical |
| The umeshpatil-dev/Home__internet repository through 2020-08-28 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31584 | 1 S3label Project | 1 S3label | 2024-11-21 | 9.3 Critical |
| The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31583 | 1 Automatedquizeval Project | 1 Automatedquizeval | 2024-11-21 | 9.3 Critical |
| The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31582 | 1 Videoserver Project | 1 Videoserver | 2024-11-21 | 9.3 Critical |
| The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31581 | 1 Scorelab | 1 Openmf | 2024-11-21 | 9.3 Critical |
| The scorelab/OpenMF repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31580 | 1 Caretakerr-api Project | 1 Caretakerr-api | 2024-11-21 | 9.3 Critical |
| The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31579 | 1 Iasset Project | 1 Iasset | 2024-11-21 | 9.3 Critical |
| The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31578 | 1 Bt Lnmp Project | 1 Bt Lnmp | 2024-11-21 | 7.5 High |
| The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31577 | 1 Audio Aligner App Project | 1 Audio Aligner App | 2024-11-21 | 9.3 Critical |
| The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||
| CVE-2022-31576 | 1 Shackerpanel Project | 1 Shackerpanel | 2024-11-21 | 9.3 Critical |
| The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. | ||||