Lucene search
K

12 matches found

SUSE CVE
SUSE CVE
added 2025/11/13 12:23 a.m.4 views

SUSE CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS7.8AI score0.00159EPSS
Exploits0References3
CNVD
CNVD
added 2025/11/12 12:0 a.m.8 views

Calibre Input Validation Error Vulnerability (CNVD-2025-27923)

Calibre is an open source free all-in-one eBook reading management and format conversion tool. An input validation error vulnerability exists in Calibre 8.13.0 and earlier versions, which stems from handling binary resources in FB2 files without validating the filename, and can be exploited by an...

9.3CVSS7.6AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/11/08 12:15 a.m.8 views

CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS0.00159EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/08 12:0 a.m.7 views

Calibre 安全漏洞

Calibre is an open source free all-in-one eBook reading management and format conversion tool. An input validation error vulnerability exists in Calibre 8.13.0 and earlier versions, which stems from handling binary resources in FB2 files without validating the filename, and can be exploited by an...

9.3CVSS7.5AI score0.00159EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/11/07 11:25 p.m.6 views

CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS5.8AI score0.00159EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/07 11:25 p.m.5 views

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS0.00159EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/07 11:25 p.m.3 views

EUVD-2025-38333

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS7.3AI score0.00159EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/07 11:25 p.m.1 views

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS7.1AI score0.00159EPSS
Exploits0References2
OSV
OSV
added 2025/11/07 11:25 p.m.3 views

CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

9.3CVSS7.8AI score0.00159EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2020/11/03 11:9 a.m.4 views

fb2.in.ua Cross Site Scripting vulnerability OBB-1479436

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
0day.today
0day.today
added 2015/10/25 12:0 a.m.41 views

Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass) Vulnerability

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: Alreader 2.5 .fb2 SEH Based Stack Overflow ASLR and DEP bypass Date: 25.10.2015 Category: Local Exploit Exploit Author: g00dv1n Contact: email protected Version: 2.5 Tested on: Windows XP SP3 / Windows 7 /...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2015/10/25 12:0 a.m.17 views

Alreader 2.5 .fb2 - Based Stack Overflow (SEH) (ASLR + DEP Bypass)

Alreader 2.5 .fb2 - Based Stack Overflow SEH ASLR + DEP Bypass !/usr/bin/env python Exploit Title: Alreader 2.5 .fb2 SEH Based Stack Overflow ASLR and DEP bypass Date: 25.10.2015 Category: Local Exploit Exploit Author: g00dv1n Contact: [email protected] Version: 2.5 Tested on: Windows XP...

0.5AI score
Exploits0
Rows per page
Query Builder