CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE•added 2025/12/11 12:0 a.m.•15 views

CVE-2025-55308

Foxit PDF/Editor for Windows versions prior to 13.2 and the 2025 line prior to 2025.2 are affected by a use-after-free vulnerability. A crafted PDF with JavaScript that calls closeDoc() while internal objects are still in use can cause premature object release, leading to memory corruption and po...

6.7CVSS7.4AI score0.00016EPSS

Exploits0References1Affected Software2

OSV•added 2025/12/09 1:50 p.m.•1 views

CLSA-2025-1765288229 libxslt: Fix of CVE-2025-7424

CVE-2025-7424: fix type confusion in xsltDocumentFunctionLoadDocument...

7.5CVSS7.1AI score0.00374EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-6719

Malware in sbrugna...

4.3CVSS8.5AI score0.00779EPSS

Exploits0References16

OSV•added 2023/05/03 3:15 a.m.•2 views

DEBIAN-CVE-2023-29839

A Stored Cross Site Scripting XSS vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function...

5.4CVSS5.9AI score0.00536EPSS

Exploits1References1

UbuntuCve•added 2023/05/03 3:15 a.m.•12 views

CVE-2023-29839

5.4CVSS6.3AI score0.00536EPSS

Exploits1References2

CVE•added 2023/05/03 12:0 a.m.•50 views

CVE-2023-29839

hotel druid 3.0.4 contains a Stored XSS in the Document function, affecting the fields Surname, Name, and Nickname. This is evidenced across multiple CVE records (NVD/Red Hat/OSV/etc.). The vulnerability is described as allowing arbitrary command execution. Practically, the issue is tied to input...

5.4CVSS5.4AI score0.00536EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/05/03 12:0 a.m.•3 views

PT-2023-22439 · Unknown +1 · Hoteldruid +1

Name of the Vulnerable Software and Affected Versions: Hotel Druid version 3.0.4 Description: A Stored Cross Site Scripting XSS issue exists in multiple pages, allowing arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function. Recommendations...

5.4CVSS6.1AI score0.00536EPSS

Exploits1References12

Cvelist•added 2023/05/03 12:0 a.m.•13 views

CVE-2023-29839

5.6AI score0.00536EPSS

Exploits1References1

Debian CVE•added 2023/05/03 12:0 a.m.•17 views

CVE-2023-29839

5.4CVSS5.3AI score0.00536EPSS

Exploits1

SUSE CVE•added 2023/02/15 6:3 a.m.•1 views

SUSE CVE-2009-1713

The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function, which allows remote attackers to read 1 arbitrary local files and 2 files from different security zones via unspecified vectors...

7.1CVSS6.5AI score0.00861EPSS

Exploits2References4

seebug.org•added 2009/11/12 12:0 a.m.•18 views

WebKit 'Document()' Function Remote Information Disclosure Vulnerability

No description provided by source. xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:str="http://exslt.org/strings" extension-element-prefixes="str" xsl:template match="" html body Below, you should see e-mail stolen cross-domain! p/ xsl:value-of...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by