CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

9.8CVSS7.8AI score0.03178EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:48 p.m.•9 views

CVE-2022-30546

Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

7.8CVSS7.3AI score0.00418EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:5 a.m.•6 views

CVE-2019-13647

Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$fileid$ attachment viewing. NOTE: It is asserted that an attacker must have the same access rights as the user in...

5.4CVSS6AI score0.00206EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:36 a.m.•5 views

CVE-2018-15815

FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file...

5.5CVSS7AI score0.00165EPSS

Exploits1References1

OSV•added 2024/04/19 1:15 p.m.•17 views

CVE-2024-31744

In Jasper 4.2.2, the jpcstreamlistremove function in src/libjasper/jpc/jpcdec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file...

7.5CVSS6.9AI score

Exploits0References2

BDU FSTEC•added 2024/02/06 12:0 a.m.•1 views

The vulnerability of the TIFFOpen() function in the LibTIFF API library, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the TIFFOpen function in the LibTIFF library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7AI score0.0375EPSS

Exploits1References14Affected Software4

OSV•added 2023/08/22 7:16 p.m.•5 views

CVE-2020-21426

Buffer Overflow vulnerability in function CIStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file...

7.8CVSS7.3AI score

Exploits0References3

OSV•added 2023/08/11 2:15 p.m.•3 views

CVE-2021-25856

An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php...

4.9CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2023/05/17 12:0 a.m.•8 views

CVE-2023-31699

ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting XSS via image file...

5.8AI score0.01324EPSS

Exploits3References1

Ubuntu•added 2023/05/16 1:26 p.m.•51 views

USN-6078-1: libwebp vulnerability

Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute...

7.5CVSS7.5AI score0.00353EPSS

Exploits0

NVD•added 2022/09/01 6:15 p.m.•13 views

CVE-2020-35531

In LibRaw, an out-of-bounds read vulnerability exists within the gethuffmandiff function libraw\src\x3f\x3futilspatched.cpp when reading data from an image file...

5.5CVSS0.00029EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by