Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Vulnrichment
Vulnrichmentadded 2026/05/19 12:0 a.m.7 views

CVE-2026-30117

scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalarurl query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execute arbitrary code via uploading a crafted SVG file...

6.2AI score0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/19 12:0 a.m.4 views

CVE-2026-30117

scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalarurl query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execute arbitrary code via uploading a crafted SVG file...

6.2AI score0.00104EPSS
Exploits0References2
Snyk
Snykadded 2026/03/05 6:40 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the hotlinking process. An attacker can execute arbitrary JavaScript code in the context of users viewing the hotlinked SVG by uploading a crafted SVG file containing malicious scripts and creating a hotlink...

8.7CVSS5.7AI score0.00011EPSS
Exploits0References2
Snyk
Snykadded 2026/03/05 6:40 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the hotlinking process. An attacker can execute arbitrary JavaScript code in the context of users viewing the hotlinked SVG by uploading a crafted SVG file containing malicious scripts and creating a hotlink...

8.7CVSS5.7AI score0.00011EPSS
Exploits0References2
EUVD
EUVDadded 2026/02/24 1:43 a.m.2 views

EUVD-2026-7423

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...

7.5CVSS5.3AI score0.00019EPSS
Exploits0References1
NVD
NVDadded 2025/10/16 7:15 p.m.1 views

CVE-2025-61514

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file...

6.5CVSS0.00055EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2023/08/16 3:15 p.m.2 views

CVE-2023-39115

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document...

9.8CVSS7.3AI score0.02212EPSS
Exploits5References5
CNNVD
CNNVDadded 2022/04/12 12:0 a.m.2 views

Butter 代码问题漏洞

Butter is a small playground program. A security vulnerability exists in Butter CMS v1.2.8 that allows an attacker to execute arbitrary code via a crafted SVG file...

9.8CVSS8.8AI score0.00618EPSS
Exploits1References5
BDU FSTEC
BDU FSTECadded 2015/11/20 12:0 a.m.1 views

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the AddWeightedPathSegLists and SVGPathSegListSMILType::Interpolate functions in browsers like Firefox and Firefox ESR is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects on the system...

7.5CVSS8.1AI score0.0253EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder