CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

Tenable Nessus•added 2026/03/13 12:0 a.m.•3 views

Cisco Secure Endpoint ClamAV CSS Parsing DoS (cisco-sa-clamav-css-Fn4QSZ)

According to its self-reported version, Cisco Secure Endpoint is affected by a denial of service DoS vulnerability. - A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected...

5.3CVSS5.8AI score0.00414EPSS

Exploits0References5

NVD•added 2026/03/04 6:16 p.m.•3 views

CVE-2026-20031

A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...

5.3CVSS0.00414EPSS

Exploits0References1

OSV•added 2026/03/04 6:16 p.m.•2 views

DEBIAN-CVE-2026-20031

5.3CVSS5.4AI score0.00414EPSS

Exploits0References1

Debian CVE•added 2026/03/04 5:17 p.m.•4 views

CVE-2026-20031

5.3CVSS5.4AI score0.00414EPSS

Exploits0

Veracode•added 2026/01/15 7:49 a.m.•8 views

Arbitrary File Upload

@n8n/n8n-nodes-langchain is vulnerable to Arbitrary File Upload. The vulnerability is due to improper validation and handling of uploaded files in the Chat Trigger component, which allows an attacker to upload a crafted HTML file and execute arbitrary code on the affected system...

8.8CVSS6.1AI score0.00557EPSS

Exploits1References6Affected Software3

RedhatCVE•added 2026/01/09 9:34 a.m.•5 views

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

4.2CVSS7.6AI score0.00241EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-13730

Malware in sbrugna...

7.8CVSS7.4AI score0.00786EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-42073

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00352EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-42072

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00352EPSS

Exploits1References6

RedhatCVE•added 2025/05/23 10:29 a.m.•7 views

CVE-2024-42563

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...

9.8CVSS7.7AI score0.00826EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 3:27 a.m.•4 views

CVE-2023-34856

A Cross Site Scripting XSS vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /authpic.cgi...

5.4CVSS6.2AI score0.0063EPSS

Exploits1

RedhatCVE•added 2025/05/23 12:27 a.m.•13 views

CVE-2022-47934

Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934...

6.5CVSS6.6AI score0.01047EPSS

Exploits2

RedhatCVE•added 2025/05/22 11:19 p.m.•3 views

CVE-2022-44311

html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elmclosetreenodet nodo at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service DoS via a crafted html file...

8.1CVSS7AI score0.01061EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:53 p.m.•6 views

CVE-2022-47932

Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933...

6.5CVSS6.3AI score0.01047EPSS

Exploits2References1

NVD•added 2024/10/25 7:15 p.m.•11 views

CVE-2024-48450

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...

6.5CVSS0.00496EPSS

Exploits0References1

CVE•added 2024/10/25 12:0 a.m.•39 views

CVE-2024-48450

CVE-2024-48450 affects Huly Platform v0.6.295. The issue is an arbitrary file upload vulnerability that enables an attacker to execute arbitrary code by uploading a crafted HTML file into a chat group. The available documents do not provide details on root cause beyond the upload mechanism, affec...

6.5CVSS7.7AI score0.00496EPSS

Exploits0References1

Vulnrichment•added 2024/10/25 12:0 a.m.•8 views

CVE-2024-48450

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute arbitrary code via uploading a crafted HTML file into chat group...

7.6AI score0.00496EPSS

Exploits0References1

NVD•added 2024/08/20 1:15 p.m.•7 views

CVE-2024-42563

An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...

9.8CVSS0.00826EPSS

Exploits1References1

NVD•added 2024/07/19 8:15 p.m.•26 views

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

4.2CVSS0.00241EPSS

Exploits1References1

Vulnrichment•added 2024/07/19 12:0 a.m.•15 views

CVE-2024-41597

Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to execute arbitrary code via a crafted HTML file to the comments functionality...

7.6AI score0.00241EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by