CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

767 matches found

Cvelist•added 2025/11/13 8:27 a.m.•8 views

CVE-2025-12015 Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto Disconnect

The Convert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpajaxwpqaidisconnectquicqafosto' AJAX endpoint in all versions up to, an...

4.3CVSS0.00173EPSS

Exploits0References2

Positive Technologies•added 2025/11/13 12:0 a.m.•5 views

PT-2025-46793

Name of the Vulnerable Software and Affected Versions Convert WebP & AVIF | Quicq versions prior to 2.0.1 Description The Convert WebP & AVIF | Quicq WordPress plugin is susceptible to unauthorized data modification. This is due to a missing capability check on the wp ajax wpqai disconnect quicq...

4.3CVSS6.3AI score0.00173EPSS

Exploits0References4

Rosalinux•added 2025/11/10 6:21 a.m.•8 views

Advisory ROSA-SA-2025-3072

Software: libwebp 1.0.0 OS: ROSA Virtualization 3.0 unaffected versions = libwebp-1.0.0.0-10.0.1.rv30 affected versions libwebp-1.0.0.0-10.0.1.rv30 CVE-ID: CVE-2020-36332 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is associated...

7.5CVSS9AI score0.01966EPSS

Exploits0

OSV•added 2025/10/24 12:16 a.m.•1 views

OSV-2025-855 Use-of-uninitialized-value in AlphaReplace_SSE2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=454314139 Crash type: Use-of-uninitialized-value Crash state: AlphaReplaceSSE2 WebPReplaceTransparentPixels WebPEncode...

7AI score

Exploits0References1

OSV•added 2025/10/09 12:14 a.m.•4 views

OSV-2025-825 UNKNOWN WRITE in RescalerImportRowExpand_SSE2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=449781448 Crash type: UNKNOWN WRITE Crash state: RescalerImportRowExpandSSE2 WebPRescalerImport ProcessRows...

7AI score

Exploits0References1