CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

NVD•added 2026/05/14 4:16 p.m.•5 views

CVE-2026-42591

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

8.2CVSS0.00039EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-7377

Malicious code in bioql PyPI...

7.2CVSS8.2AI score0.00119EPSS

Exploits0References1

RedhatCVE•added 2025/03/05 6:41 a.m.•10 views

CVE-2025-1080

A flaw was found in LibreOffice. In the affected versions of LibreOffice, a link in a browser using that scheme could be constructed with an embedded inner URL that, when passed to LibreOffice, could call internal macros with arbitrary arguments...

7.6CVSS7AI score0.00119EPSS

Exploits0References4

OSV•added 2024/06/06 9:15 p.m.•2 views

CVE-2024-36795

Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors...

4CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2024/05/30 12:0 a.m.•2 views

PT-2024-4671 · NetGear · Netgear Wnr614

Name of the Vulnerable Software and Affected Versions: Netgear WNR614 version JNR1010V2/N300-V1.1.0.54 1.0.1 Description: The issue is related to insecure permissions in the Netgear WNR614 router's firmware, which can allow attackers to access URLs and directories embedded within the firmware via...

5.2CVSS6.9AI score0.00065EPSS

Exploits1References10

Positive Technologies•added 2023/06/06 12:0 a.m.•5 views

PT-2023-23958 · Synapse +2 · Synapse +2

Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.85.0 Description: A discovered oEmbed or image URL can bypass the url preview url blacklist setting, potentially allowing server-side request forgery or bypassing network policies. The impact is limited to IP...

8.2CVSS5.8AI score0.0419EPSS

Exploits0References36

OpenVAS•added 2023/01/06 12:0 a.m.•13 views

Discourse 2.9.0.beta14 Information Disclosure Vulnerability (GHSA-q9jp-xv4g-328f)

Discourse is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.5CVSS5.3AI score0.00067EPSS

Exploits0References1

0day.today•added 2021/12/28 12:0 a.m.•602 views

Microsoft Windows Explorer Preview Pane Security Bypass Vulnerability

Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt. Exploit Title: Windows Explorer Preview Pane WMV/WMA media Automatic URI Opening Vulnerability Exploit Author: Eduar...

6.9AI score

Exploits0

Microsoft CVE•added 2018/07/10 7:0 a.m.•18 views

Windows Mail Client Information Disclosure Vulnerability

An information disclosure vulnerability exists in Windows Mail Client when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send a malicious email to a user and...

6.5CVSS2AI score0.19332EPSS

Exploits0

Microsoft CVE•added 2018/05/08 7:0 a.m.•28 views

Microsoft Outlook Information Disclosure Vulnerability

An information disclosure vulnerability exists in Outlook when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send a malicious email to a user and convince the...

6.5CVSS0.8AI score0.2302EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by