
8 matches found

EUVD
added 2026/05/12 7:23 p.m. | 5 views

EUVD-2026-29793

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...

CVSS 4.4 | AI score 5.8 | EPSS 0.00027
Exploits: 1 | References: 1

Packet Storm
added 2025/05/01 12:0 a.m. | 84 views

Craft CMS Image Transform Pre-Authentication Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 3.x, 4.x, and 5.x prior to 5.6.17 via the image transform endpoint. It injects a PHP Meterpreter payload into the Craft session, then triggers its execution by abusing the Yii behavior...

CVSS 10 | AI score 9.4 | EPSS 0.93094
Exploits: 13

NVD
added 2023/09/29 7:15 a.m. | 19 views

CVE-2023-3906

An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image URLs which bypass the asset proxy...

CVSS 3.5 | AI score 3.9 | EPSS 0.00225
Exploits: 0 | References: 2

Cvelist
added 2023/05/08 12:0 a.m. | 14 views

CVE-2023-27929

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory...

AI score 6.1 | EPSS 0.00147
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 5:32 a.m. | 2 views

SUSE CVE-2014-0134

The instance rescue mode in OpenStack Compute Nova 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

CVSS 3.5 | AI score 6.5 | EPSS 0.00201
Exploits: 0 | References: 4

UbuntuCve
added 2021/08/09 7:15 p.m. | 24 views

CVE-2021-37619

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

CVSS 5.5 | AI score 6.7 | EPSS 0.00074
Exploits: 0 | References: 4

Debian CVE
added 2017/04/09 2:0 p.m. | 25 views

CVE-2017-7592

The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...

CVSS 7.8 | AI score 7.9 | EPSS 0.00201
Exploits: 0

OpenVAS
added 2009/08/17 12:0 a.m. | 30 views

Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)

The remote host is missing an update to java-1.6.0-openjdk announced via advisory MDVSA-2009:162. OpenVAS Vulnerability Test $Id: mdksa2009162.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:162 java-1.6.0-openjdk Authors: Thomas Reinke Copyright:...

CVSS 10 | AI score 1.9 | EPSS 0.29364
Exploits: 5