15 matches found

RedhatCVE
added 2026/04/20 7:22 p.m., 1 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmap_depth but the byte-swap code uses bits_per_pixel independently. When...

CVSS: 9.8, AI score: 6, EPSS: 0.00061
Exploits: 0, References: 1

Circl
added 2026/04/18 5:18 a.m., 1 views

CVE-2026-40492

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-18 05:18:34+00:00 | published-proof-of-concept | Telegram/veDSMFN7ecyhltWdKUwpcYAyE-ogEw-qfchv6YBZH7Zn1oc |
| 2026-04-18 05:38:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjqpx4bamu26 |
| 2026-04-18 06:00:28+00:00 | seen | ... |

CVSS: 9.8, AI score: 4.8, EPSS: 0.00061
Exploits: 0, References: 3

Debian CVE
added 2026/04/18 1:39 a.m., 2 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmap_depth but the byte-swap code uses bits_per_pixel independently. When...

CVSS: 9.8, AI score: 5.6, EPSS: 0.00061
Exploits: 0

Vulnrichment
added 2026/04/18 1:39 a.m., 1 views

CVE-2026-40492 SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confusion in byte-swap

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmap_depth but the byte-swap code uses bits_per_pixel independently. When...

CVSS: 9.8, AI score: 6, EPSS: 0.00061
Exploits: 0, References: 2

RedhatCVE
added 2025/05/23 7:38 a.m., 3 views

CVE-2024-40492

Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function...

CVSS: 7.1, AI score: 7.4, EPSS: 0.07683
Exploits: 2, References: 1

Circl
added 2024/07/18 12:55 a.m., 1 views

CVE-2024-40492

| creationtimestamp | type | source |
|---|---|---|
| 2024-07-18 00:55:02+00:00 | seen | https://t.me/cvedetector/1127... |

CVSS: 7.1, AI score: 4.8, EPSS: 0.07683
Exploits: 2, References: 1

CVE
added 2024/07/17 12:0 a.m., 49 views

CVE-2024-40492

Heartbeat Chat, v15.2.1, is affected by CVE-2024-40492 through a Cross Site Scripting flaw in the setname function. The vulnerability allows a remote attacker to execute arbitrary code in the context of the user’s browser, with network access and user interaction required. Severity is HIGH (CVSS ...

CVSS: 7.1, AI score: 7.5, EPSS: 0.07683
Exploits: 2, References: 1, Affected Software: 1

Vulnrichment
added 2024/07/17 12:0 a.m., 10 views

CVE-2024-40492

Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function...

AI score: 7.3, EPSS: 0.07683
Exploits: 2, References: 1

OSV
added 2024/05/03 3:15 a.m., 1 views

CVE-2023-40492

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS: 9.1, AI score: 6
Exploits: 0, References: 1

ATTACKERKB
added 2024/05/03 3:15 a.m., 1 views

CVE-2023-40492

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS: 9.1, AI score: 7.5, EPSS: 0.39853
Exploits: 0, References: 2

NVD
added 2024/05/03 3:15 a.m., 9 views

CVE-2023-40492

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS: 9.1, AI score: 8.2, EPSS: 0.39853
Exploits: 0, References: 1

Cvelist
added 2024/05/03 2:11 a.m., 11 views

CVE-2023-40492 LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability

LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS: 8.2, AI score: 8.3, EPSS: 0.39853
Exploits: 0, References: 1

CVE
added 2021/09/03 4:47 p.m., 45 views

CVE-2021-40492

The CVE-2021-40492 entry refers to a reflected XSS in Gibbon, version 22. Affected software: Gibbon application (version 22). Vulnerable component: multiple index.php pages that reflect user-controlled input. Root cause: improper sanitization/escaping leading to arbitrary JavaScript execution. Ex...

CVSS: 6.1, AI score: 6.1, EPSS: 0.09965
Exploits: 0, References: 2, Affected Software: 1

Circl
added 2021/09/03 2:28 p.m., 1 views

CVE-2021-40492

| creationtimestamp | type | source |
|---|---|---|
| 2021-09-03 14:28:22+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/506 |
| 2021-09-03 20:37:18+00:00 | seen | https://t.me/cibsecurity/28266... |

CVSS: 6.1, AI score: 6.1, EPSS: 0.09965
Exploits: 0, References: 2

CNVD
added 2018/11/22 12:0 a.m., 1 views

Portainer has an unspecified vulnerability (CNVD-2019-40492)

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer 1.19.2 and earlier versions, which stems from an API endpoint used for authentication returning 404 when an administrator has not been created, and...

CVSS: 9.8, AI score: 7.2, EPSS: 0.00268
Exploits: 1, References: 1