CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

318 matches found

CNNVD•added 2026/03/31 12:0 a.m.•3 views

InvoiceShelf 代码问题漏洞

InvoiceShelf is an open-source invoice and expense management application developed by InvoiceShelf. Versions of InvoiceShelf prior to 2.2.0 had code vulnerabilities. These vulnerabilities stemmed from the Estimate PDF generation module, where HTML provided by users was passed to the Dompdf...

8.1CVSS5.9AI score0.00035EPSS

Exploits1References3

RedhatCVE•added 2026/01/09 10:45 a.m.•2 views

CVE-2022-0085

Server-Side Request Forgery SSRF in GitHub repository dompdf/dompdf prior to 2.0.0...

5.3CVSS6.8AI score0.00437EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:29 a.m.•1 views

CVE-2023-50262

Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Dompdf performs an initial validation to ensure that paths within the SVG are allowed. One of the validations is that the SVG document does not reference itself. However, prior to version 2.0.4, a recursive chained using two or...

7.5CVSS6.7AI score0.06147EPSS

Exploits1References1

OpenVAS•added 2025/12/31 12:0 a.m.•1 views

Debian: Security Advisory (DLA-4427-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.06926EPSS

Exploits2References2

Debian•added 2025/12/30 8:31 a.m.•5 views

[SECURITY] [DLA 4427-1] php-dompdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 30, 2025 https://wiki.debian.org/LTS -...

9.8CVSS8.1AI score0.06926EPSS

Exploits2

Tenable Nessus•added 2025/12/30 12:0 a.m.•2 views

Debian dla-4427 : php-dompdf - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4427 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected]...

9.8CVSS8.1AI score0.06926EPSS

Exploits2References6

OSV•added 2025/12/30 12:0 a.m.•1 views

DLA-4427-1 php-dompdf - security update

Bulletin has no description...

9.8CVSS6.9AI score0.06926EPSS

Exploits2

RedhatCVE•added 2025/12/25 5:25 a.m.•4 views

CVE-2025-13773

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.8.0 via the 'WooCommerceDeliveryNotes::update' function. This is due to missing capability check in the 'WooCommerceDeliveryNotes::update' functio...

9.8CVSS6.9AI score0.00281EPSS

Exploits0References1

NVD•added 2025/12/24 5:16 a.m.•1 views

CVE-2025-13773

9.8CVSS0.00281EPSS

Exploits0References7

Cvelist•added 2025/12/24 4:32 a.m.•17 views

CVE-2025-13773 Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Unauthenticated Remote Code Execution

9.8CVSS0.00281EPSS

Exploits0References7

Positive Technologies•added 2025/12/24 12:0 a.m.•1 views

PT-2025-52868

Name of the Vulnerable Software and Affected Versions Print Invoice & Delivery Notes for WooCommerce versions up to and including 5.8.0 Description The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is susceptible to Remote Code Execution due to a missing capability check...

9.8CVSS7AI score0.00281EPSS

Exploits0References17

CNNVD•added 2025/12/24 12:0 a.m.•1 views

WordPress plugin Print Invoice & Delivery Notes for WooCommerce 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injection...

9.8CVSS8AI score0.00281EPSS

Exploits0References8