CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2034 matches found

RedHat Linux•added 2025/10/06 1:30 a.m.•5 views

firefox: thunderbird: Integer overflow in the SVG component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the SVG component...

8.8CVSS7.4AI score0.00136EPSS

Exploits0References6

RedHat Linux•added 2025/10/06 1:30 a.m.•4 views

firefox: thunderbird: Integer overflow in the SVG component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the SVG component...

8.8CVSS7.4AI score0.00136EPSS

Exploits0References6

Positive Technologies•added 2025/10/06 12:0 a.m.•1 views

PT-2025-40911

Name of the Vulnerable Software and Affected Versions Emlog versions up to and including 2.5.22 Description A cross-site scripting XSS issue exists in Emlog, potentially allowing authenticated remote attackers to inject arbitrary web script or HTML. This is possible through the file upload...

6.1CVSS5.8AI score0.00035EPSS

Exploits1References6

Positive Technologies•added 2025/10/06 12:0 a.m.•8 views

PT-2025-40853

Name of the Vulnerable Software and Affected Versions The Ultimate Addons for Elementor Formerly Elementor Header & Footer Builder versions prior to 2.5.0 Description The software does not properly sanitize SVG file contents when uploaded. This occurs when using the xmlrpc.php endpoint with base6...

4.3CVSS6AI score0.00027EPSS

Exploits0References6

CNNVD•added 2025/10/06 12:0 a.m.•2 views

KUNO 代码问题漏洞

KUNO is a blogging application by the individual developer XueMian ICT.RUN. A code issue vulnerability exists in KUNO versions prior to 1.3.15, which stems from the media module allowing the upload of specially crafted SVG files, which could lead to a server-side request forgery attack...

5.1CVSS6.9AI score0.00085EPSS

Exploits0References3

Cvelist•added 2025/10/03 9:46 p.m.•6 views

CVE-2025-61681 Kuno is Vulnerable to Stored XSS Attack via SVG File Upload

KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and...

5.4CVSS0.00021EPSS

Exploits0References3