CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6 matches found

OSV•added 2026/05/11 1:59 p.m.•5 views

GHSA-9Q28-GHCR-C4X3 PraisonAI's symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir`

Summary The safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate member.linkname, does not reject symlink/hardlink members, and calls...

8.7CVSS6AI score0.00433EPSS

Exploits1References3

OSV•added 2026/02/19 1:16 p.m.•4 views

CVE-2019-25426

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...

5.1CVSS5.9AI score0.00369EPSS

Exploits1References4

NVD•added 2026/02/19 1:16 p.m.•6 views

CVE-2019-25426

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...

6.1CVSS0.00369EPSS

Exploits1References4

Cvelist•added 2026/02/19 12:2 p.m.•24 views

CVE-2019-25426 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via dnsmasq

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...

6.1CVSS0.00369EPSS

Exploits1References4

Vulnrichment•added 2026/02/19 12:2 p.m.•7 views

CVE-2019-25426 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via dnsmasq

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENTSOURCEBYPASS or...

6.1CVSS5.6AI score0.00369EPSS

Exploits1References4

Positive Technologies•added 2026/02/19 12:0 a.m.•6 views

PT-2026-20829

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. Attackers can send POST requests with script payloads in the TRANSPARENT SOURCE BYPASS or TRANSPARENT DESTINATI...

6.1CVSS5.6AI score0.00369EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by