CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-0018

Malware in sbrugna...

4.3CVSS4.5AI score0.06665EPSS

Exploits5References9

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-0017

Malware in sbrugna...

5.4CVSS5.4AI score0.00847EPSS

Exploits0References8

Github Security Blog•added 2022/05/17 2:52 a.m.•12 views

Cherry Music Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist...

5.4CVSS5.4AI score0.00847EPSS

Exploits0References7Affected Software1

Github Security Blog•added 2022/05/17 2:52 a.m.•14 views

Cherry Music directory traversal vulnerability

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3CVSS6.5AI score0.06665EPSS

Exploits5References8Affected Software1

OSV•added 2022/05/17 2:52 a.m.•4 views

GHSA-4WCC-JV3P-PRQW Cherry Music Cross-site Scripting (XSS) vulnerability

5.4CVSS5.1AI score0.00847EPSS

Exploits0References7

OSV•added 2022/05/17 2:52 a.m.•5 views

GHSA-Q624-9634-77GH Cherry Music directory traversal vulnerability

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

5.3CVSS4.4AI score0.06665EPSS

Exploits5References8

GitLab Advisory Database•added 2022/05/17 12:0 a.m.•8 views

Cherry Music directory traversal vulnerability

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3CVSS6.4AI score0.06665EPSS

Exploits5References8Affected Software1

GitLab Advisory Database•added 2022/05/17 12:0 a.m.•11 views

Cherry Music Cross-site Scripting (XSS) vulnerability

5.4CVSS5.3AI score0.00847EPSS

Exploits0References7Affected Software1

Prion•added 2017/03/27 3:59 p.m.•7 views

Directory traversal

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4CVSS6.7AI score0.06665EPSS

Exploits5References5Affected Software1

PyPA•added 2017/03/27 3:59 p.m.•4 views

PYSEC-2017-99

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3CVSS6.8AI score0.06665EPSS

Exploits5References6Affected Software1

PyPA•added 2017/03/27 3:59 p.m.•5 views

PYSEC-2017-100

5.4CVSS5.9AI score0.00847EPSS

Exploits0References5Affected Software1

Prion•added 2017/03/27 3:59 p.m.•15 views

Cross site scripting

3.5CVSS5.6AI score0.00847EPSS

Exploits0References4Affected Software1

OSV•added 2017/03/27 3:59 p.m.•16 views

PYSEC-2017-99

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3CVSS4.4AI score0.06665EPSS

Exploits5References6

OSV•added 2017/03/27 3:59 p.m.•10 views

PYSEC-2017-100

5.4CVSS3.2AI score0.00847EPSS

Exploits0References5

NVD•added 2017/03/27 3:59 p.m.•7 views

CVE-2015-8310

5.4CVSS5.1AI score0.00847EPSS

Exploits0References4

NVD•added 2017/03/27 3:59 p.m.•8 views

CVE-2015-8309

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3CVSS4.4AI score0.06665EPSS

Exploits5References5

Cvelist•added 2017/03/27 3:0 p.m.•15 views

CVE-2015-8309

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."...

4.3AI score0.06665EPSS

Exploits5References5

Cvelist•added 2017/03/27 3:0 p.m.•12 views

CVE-2015-8310

5.1AI score0.00847EPSS

Exploits0References4

CVE•added 2017/03/27 3:0 p.m.•51 views

CVE-2015-8309

Cherry Music (the CherryMusic project) contains a directory traversal vulnerability (CVE-2015-8309) affecting versions before 0.36.0. The flaw allows remote authenticated users to read arbitrary files via the value parameter to the download endpoint, due to insufficient validation in the file pat...

4.3CVSS4.3AI score0.06665EPSS

Exploits5References5Affected Software1

CVE•added 2017/03/27 3:0 p.m.•33 views

CVE-2015-8310

Cherry Music (before 0.36.0) is affected by an XSS vulnerability where remote authenticated users can inject arbitrary script/HTML via the playlistname field when creating a new playlist. This is the concrete vulnerability described across multiple connected references and CVE records. The docume...

5.4CVSS5AI score0.00847EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by