Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.8 views

CVE-2019-20860

An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denial of service application hang via a crafted SVG document...

5.5CVSS6.9AI score0.0087EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.6 views

CVE-2021-3312

An XML external entity XXE vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document...

6.5CVSS6.5AI score0.01249EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.36 views

Fedora 39 : roundcubemail (2023-735ee6d4e1)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-735ee6d4e1 advisory. Version 1.6.4 - Fix PHP8 warnings 9142, 9160 - Fix default 'mime.types' path on Windows 9113 - Managesieve: Fix javascript error when relational or spamtest...

6.1CVSS5.8AI score0.73445EPSS
Exploits2References2
OSV
OSV
added 2021/10/12 5:23 p.m.28 views

GHSA-G6V7-VQHX-6V6C XML External Entity Reference in org.opencms:opencms-core

An XML external entity XXE vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with edit privileges to exfiltrate files from the server's file system by uploading a crafted SVG document...

6.5CVSS6.2AI score0.01249EPSS
Exploits1References6
NVD
NVD
added 2020/11/18 10:15 p.m.5 views

CVE-2020-15300

SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document...

6.1CVSS6.2AI score0.00699EPSS
Exploits1References1
NVD
NVD
added 2020/06/19 3:15 p.m.18 views

CVE-2019-20860

An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote attackers to cause a denial of service application hang via a crafted SVG document...

5.5CVSS0.0087EPSS
Exploits0References1
Prion
Prion
added 2015/11/05 5:59 a.m.31 views

Memory corruption

The 1 AddWeightedPathSegLists and 2 SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...

7.5CVSS7.7AI score0.03149EPSS
Exploits0References20Affected Software2
Cvelist
Cvelist
added 2015/11/05 2:0 a.m.22 views

CVE-2015-7199

The 1 AddWeightedPathSegLists and 2 SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...

9.7AI score0.03149EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2014/12/26 2:59 a.m.27 views

CVE-2011-1793

rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."...

7.5CVSS5.9AI score0.01081EPSS
Exploits0References4
NVD
NVD
added 2010/11/06 12:0 a.m.14 views

CVE-2010-4206

Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a craft...

8.8CVSS9.2AI score0.02516EPSS
Exploits1References14
Debian CVE
Debian CVE
added 2010/11/05 10:0 p.m.17 views

CVE-2010-4206

Removed by vendor...

8.8CVSS8.7AI score0.02516EPSS
Exploits1
Rows per page
Query Builder