
10 matches found

RedhatCVE
added 2026/04/01 5:3 p.m., 3 views

CVE-2026-34243

wenxian is a tool to generate BIBTEX files from given identifiers DOI, PMID, arXiv ID, or paper title. In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issuecomment.body directly inside a shell command, allowing potential command injection and arbitrary code...

CVSS 9.8 | AI score 6.4 | EPSS 0.00081
Exploits: 1 | References: 1

RedhatCVE
added 2025/08/24 4:6 p.m., 4 views

CVE-2025-55741

UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intend...

CVSS 8.1 | AI score 6.2 | EPSS 0.00102
Exploits: 1 | References: 1

CVE
added 2025/08/19 6:26 p.m., 25 views

CVE-2025-55733

DeepChat (prior to version 0.3.1) is affected by a remote code execution flaw that is triggered by embedding a specially crafted deepchat: URL on any website. When a user visits the site or clicks the link, the browser invokes the DeepChat app’s custom URL handler, which launches the application ...

CVSS 9.6 | AI score 7.8 | EPSS 0.00473
Exploits: 1 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/08/19 12:0 a.m., 6 views

PT-2025-33844

Name of the Vulnerable Software and Affected Versions: DeepChat versions prior to 0.3.1. Description: DeepChat is a smart assistant that connects powerful AI to a user’s personal world. A remote code execution flaw exists in versions prior to 0.3.1. An attacker can exploit this issue by embedding ...

CVSS 9.6 | AI score 6.4 | EPSS 0.00473
Exploits: 1 | References: 12

CNNVD
added 2025/08/19 12:0 a.m., 2 views

ThinkInAIXYZ DeepChat Security Vulnerability

ThinkInAIXYZ DeepChat is an intelligent assistant open-sourced by ThinkInAIXYZ. A security vulnerability exists in ThinkInAIXYZ DeepChat versions prior to 0.3.1, which stems from a specially crafted URL that could lead to remote code execution...

CVSS 9.6 | AI score 7.8 | EPSS 0.00473
Exploits: 1 | References: 4

CNNVD
added 2023/06/17 12:0 a.m., 3 views

Nanopb Buffer Error Vulnerability

Nanopb is a protocol buffer implementation for microprocessors from the individual developers of Nanopb. A security vulnerability exists in Nanopb versions prior to 0.3.1, which stems from an overflow in pb_dec_bytes and pb_dec_string...

CVSS 9.8 | AI score 8.6 | EPSS 0.00118
Exploits: 0 | References: 4

Positive Technologies
added 2021/11/25 12:0 a.m., 2 views

PT-2021-5297

Name of the Vulnerable Software and Affected Versions: Ruby versions prior to 2.7.5; Ruby versions 3.x prior to 3.0.3; CGI gem versions prior to 0.3.1. Description: The issue is caused by an integer overflow and resultant buffer overflow in the CGI.escape_html function when a long string is passed to ...

CVSS 10 | AI score 8.5 | EPSS 0.05892
Exploits: 6 | References: 84

CNVD
added 2020/11/04 12:0 a.m., 1 view

opentmpfiles Backlink Vulnerability

OpenRC opentmpfiles is the OpenRC team's software for working with tmpfiles.d files on systems that rely on the Systemd daemon for management. A security vulnerability exists in versions of opentmpfiles prior to 0.3.1 that allows a local user to have full privileges to arbitrary files...

CVSS 5.5 | AI score 6.7 | EPSS 0.00049
Exploits: 1 | References: 1

NVD
added 2017/04/21 8:59 p.m., 16 views

CVE-2016-2347

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...

CVSS 7.8 | AI score 7.7 | EPSS 0.00417
Exploits: 1 | References: 6

OSV
added 2017/04/21 8:59 p.m., 0 views

UBUNTU-CVE-2016-2347

Integer underflow in the decode_level3_header function in lib/lha_file_header.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...

CVSS 7.8 | AI score 6.2 | EPSS 0.00417
Exploits: 1 | References: 3