CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

OSV•added 2026/06/12 7:16 p.m.•6 views

DEBIAN-CVE-2026-12143

form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header without escaping carriage return CR, line feed LF, or double-quote "...

8.7CVSS5.4AI score0.00325EPSS

Exploits0References1

NVD•added 2026/06/09 7:16 p.m.•6 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

8.2CVSS0.00123EPSS

Exploits0References1

OSV•added 2026/06/05 6:11 p.m.•10 views

GHSA-P462-PRXW-MJX4 NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)

Summary The Binary Stream Capture BSC component exposes an unauthenticated HTTP API for dynamically creating packet capture “handlers.” Because the code blindly trusts path‑related form fields, a remote client can: - Bypass the configured log root and direct BSC to log to arbitrary filesystem...

9.1CVSS6AI score0.00163EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-1092

Malware in sbrugna...

5CVSS6.4AI score0.01149EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-1999-0215

Malware in sbrugna...

6.4CVSS6.4AI score0.05732EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2000-0534

Malware in sbrugna...

7.2CVSS6.4AI score0.00721EPSS

Exploits0References5

OSV•added 2024/03/02 10:15 p.m.•2 views

DEBIAN-CVE-2023-52527

In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata Including the transhdrlen in length is a problem when the packet is partially filled e.g. something like sendMSGMORE happened previously when appending to an IPv4 or IPv6...

5.5CVSS5.2AI score0.00226EPSS

Exploits0References1

Cvelist•added 2018/06/11 9:0 p.m.•21 views

CVE-2016-5293

When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox E...

6.4AI score0.00336EPSS

Exploits0References6

OSV•added 2017/01/20 3:59 p.m.•1 views

CVE-2016-6253

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox...

7.8CVSS5.9AI score0.03534EPSS

Exploits5References8

Cvelist•added 2008/11/18 3:0 p.m.•16 views

CVE-2008-5155

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/header. or 2 /tmp/body. temporary file, or append data to arbitrary files via a symlink attack on the 3 /tmp/sms.log temporary file...

6.3AI score0.01304EPSS

Exploits1References3

NVD•added 2005/04/11 4:0 a.m.•16 views

CVE-2005-1089

Unknown vulnerability in DC++ before 0.674 allows attackers to append data to arbitrary files...

5CVSS6.6AI score0.01149EPSS

Exploits0References3

Cvelist•added 1999/09/29 4:0 a.m.•20 views

CVE-1999-0215

Routed allows attackers to append data to files...

6.6AI score0.05732EPSS

Exploits0References2