CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1017 matches found

CNNVD•added 2026/05/26 12:0 a.m.•5 views

SQUIRREL 安全漏洞

SQUIRREL is a programming language developed by Alberto Demichelis. It is the stable version of SQUIRREL 3.2. Versions of SQUIRREL 3.2 and earlier had security vulnerabilities. These vulnerabilities were caused by improper handling of the ReadObject function in the Cnut File Handler component,...

5.3CVSS6.3AI score0.00023EPSS

Exploits1References5

Positive Technologies•added 2026/05/26 12:0 a.m.•5 views

PT-2026-43246

Name of the Vulnerable Software and Affected Versions Squirrel versions prior to 3.3 Description A heap-based buffer overflow occurs in the Cnut File Handler component within the ReadObject function of the squirrel/sqobject.cpp file. This issue allows a local attacker to perform a manipulation th...

5.3CVSS6.1AI score0.00023EPSS

Exploits1References8

Cvelist•added 2026/05/25 9:0 p.m.•18 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS0.00014EPSS

Exploits0References7

Vulnrichment•added 2026/05/25 9:0 p.m.•6 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

4.8CVSS5.4AI score0.00014EPSS

Exploits0References7

NVD•added 2026/05/25 4:16 a.m.•13 views

CVE-2026-9421

A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and m...

7.5CVSS0.00047EPSS

Exploits0References3

ATTACKERKB•added 2026/05/25 3:15 a.m.•4 views

CVE-2026-9421

7.5CVSS5.5AI score0.00047EPSS

Exploits0References4

EUVD•added 2026/05/25 3:15 a.m.•11 views

EUVD-2026-31624

7.5CVSS5.5AI score0.00047EPSS

Exploits0References3

Cvelist•added 2026/05/25 3:15 a.m.•30 views

CVE-2026-9421 KLiK SocialMediaWebsite File upload.inc.php uniqid unrestricted upload

7.5CVSS0.00047EPSS

Exploits0References3

CNNVD•added 2026/05/25 12:0 a.m.•4 views

KLiK SocialMediaWebsite 代码问题漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A code issue vulnerability exists in version 1.0 of KLiK SocialMediaWebsite, which stems from the File Handler component's manipulation of the function uniqid in the file upload.inc.php,...

7.5CVSS7.1AI score0.00047EPSS

Exploits0References4

Positive Technologies•added 2026/05/25 12:0 a.m.•9 views

PT-2026-42999

7.5CVSS6.8AI score0.00047EPSS

Exploits0References3

NVD•added 2026/05/21 10:16 p.m.•9 views

CVE-2026-8432

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file star. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan Dror...

8.8CVSS0.00019EPSS

Exploits0References1

OSV•added 2026/05/20 11:48 a.m.•3 views

BIT-GDAL-2026-8213 OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow

A vulnerability has been found in OSGeo gdal up to 3.13.0. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has be...

5.5CVSS5.5AI score0.00008EPSS

Exploits1References9

Tenable Nessus•added 2026/05/20 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-8213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the...

5.5CVSS5.7AI score0.00008EPSS

Exploits1References2

EUVD•added 2026/05/13 12:48 a.m.•4 views

EUVD-2026-29850

Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...

7.6CVSS5.9AI score0.0004EPSS

Exploits0References5

RedhatCVE•added 2026/05/11 8:27 p.m.•3 views

CVE-2026-8213

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit h...

5.5CVSS5.6AI score0.00008EPSS

Exploits1References1

RedhatCVE•added 2026/05/11 8:27 p.m.•7 views

CVE-2026-8211

A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...

5.8CVSS5.6AI score0.00053EPSS

Exploits0References1

RedhatCVE•added 2026/05/11 8:27 p.m.•5 views

CVE-2026-8195

A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...

5.3CVSS4.2AI score0.00033EPSS

Exploits0References1