Lucene search
+L

93 matches found

osv
osv
added 2026/03/16 12:0 a.m.3 views

CVE-2025-65734

An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file...

5.4CVSS6.3AI score0.00242EPSS
Exploits1References6
alpinelinux
alpinelinux
added 2026/02/24 1:43 a.m.5 views

CVE-2026-25985

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...

7.5CVSS5.5AI score0.00501EPSS
Exploits0
redhatcve
redhatcve
added 2025/12/06 12:3 a.m.6 views

CVE-2025-65516

A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...

6.1CVSS5.5AI score0.0019EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/12/04 12:0 a.m.5 views

PT-2025-49098

A stored cross-site scripting XSS vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a crafted SVG file containing malicious JavaScript and share it using a public link. Opening the lin...

5.9AI score0.0019EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/10/31 12:13 a.m.6 views

CVE-2025-60950

An arbitrary file upload vulnerability in the Data Preparation function of AIxBlock commit f60975 allows attackers to execute arbitrary code via a crafted SVG file...

6.1CVSS7.9AI score0.00259EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-2966

Malware in sbrugna...

5.1CVSS6AI score0.02614EPSS
Exploits1References16
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2017-6040

Malware in sbrugna...

7.8CVSS7.9AI score0.00502EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-11556

Malware in sbrugna...

5.5CVSS5.3AI score0.01425EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-7073

Malware in sbrugna...

4.3CVSS9.2AI score0.01983EPSS
Exploits0References10
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-3402

Malware in sbrugna...

5.5CVSS7.3AI score0.01879EPSS
Exploits0References16
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21885

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00448EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52917

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01172EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 9:58 a.m.8 views

CVE-2024-27707

Server Side Request Forgery SSRF vulnerability in hcengineering Huly Platform v.0.6.202 allows attackers to run arbitrary code via upload of crafted SVG file...

4.3CVSS7.5AI score0.00328EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:42 a.m.9 views

CVE-2024-23180

Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote...

8.8CVSS7.5AI score0.00918EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:0 a.m.5 views

CVE-2024-41304

An arbitrary file upload vulnerability in the uploadFileAction function of WonderCMS v3.4.3 allows attackers to execute arbitrary code via a crafted SVG file...

5.4CVSS8.1AI score0.00359EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 12:24 a.m.18 views

CVE-2022-47053

An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...

5.4CVSS7.8AI score0.00428EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/22 10:35 p.m.9 views

CVE-2022-27260

An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file...

9.8CVSS7.8AI score0.02915EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 9:52 p.m.5 views

CVE-2022-27952

An arbitrary file upload vulnerability in the file upload module of PayloadCMS v0.15.0 allows attackers to execute arbitrary code via a crafted SVG file...

9.8CVSS7.7AI score0.02164EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 3:46 p.m.11 views

CVE-2020-20695

A stored cross-site scripting XSS vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

5.4CVSS5.5AI score0.00499EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 1:13 p.m.8 views

CVE-2018-1000062

WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File Upload through SVG vulnerability in uploadFileAction, 'svg' = 'image/svg+xml' that can result in An attacker can execute arbitrary script on an unsuspecting user's browser. This attack appear to be exploitable via Crafted SVG...

4.4CVSS6.3AI score0.00588EPSS
Exploits0References1
Rows per page
Query Builder