CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

CVE•added 2026/04/01 8:39 p.m.•9 views

CVE-2026-34529

CVE-2026-34529 – File Browser stored XSS via crafted EPUB (GHSA-5VPR-4FGW-F69H) . The Github advisory discloses a vulnerability in File Browser where the EPUB preview function can run JavaScript in the victim’s browser. Root cause: Preview.vue passes epubOptions with allowScriptedContent: true to...

9CVSS5.8AI score0.00047EPSS

Exploits1References2Affected Software1

CNNVD•added 2026/02/06 12:0 a.m.•4 views

Calibre 代码注入漏洞

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Versions of Calibre 9.1.0 and earlier had a code injection vulnerability. This vulnerability stemmed from path travers...

8.2CVSS5.9AI score0.00035EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-21565

Malware in sbrugna...

6.5CVSS7.1AI score0.00212EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2016-1374

Malware in sbrugna...

5.5CVSS5.3AI score0.0039EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-26183

Malware in sbrugna...

9.3CVSS8AI score0.02865EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-10293

Malware in sbrugna...

7.8CVSS7.5AI score0.00133EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-18504

Malicious code in bioql PyPI...

5.5CVSS6.3AI score0.00071EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-52991

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00337EPSS

Exploits0References1

OSV•added 2025/06/17 3:15 p.m.•4 views

CVE-2025-6196

A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like...

5.5CVSS6.9AI score0.00071EPSS

Exploits1References3

OSV•added 2025/06/17 3:15 p.m.•0 views

DEBIAN-CVE-2025-6196

5.5CVSS5.4AI score0.00071EPSS

Exploits1References1

RedhatCVE•added 2025/06/17 6:54 a.m.•4 views

CVE-2025-6196

5.5CVSS5.3AI score0.00071EPSS

Exploits1References4

Positive Technologies•added 2025/06/17 12:0 a.m.•2 views

PT-2025-25663 · Libgepub +1 · Libgepub +1

Name of the Vulnerable Software and Affected Versions: libgepub affected versions not specified Description: A flaw exists in libgepub, a library used to read EPUB files. The software incorrectly handles file size calculations when processing specially crafted EPUB files, resulting in incorrect...

5.5CVSS6.2AI score0.00071EPSS

Exploits1References22

OSV•added 2019/09/06 9:9 p.m.•5 views

MGASA-2019-0249 Updated sigil packages fix security vulnerability

Updated sigil package fixes security vulnerability: Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem CVE-2019-14452...

7.5CVSS7.6AI score0.02986EPSS

Exploits0References3

Tenable Nessus•added 2019/07/26 12:0 a.m.•25 views

Foxit PhantomPDF < 8.3.11 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.11. It is, therefore affected by multiple vulnerabilities: - An uninitialized pointer flaw exists when calling xfa.event.rest XFA JavaScript that can cause the...

7.8CVSS7.6AI score0.00911EPSS

Exploits0References23

OpenVAS•added 2019/07/16 12:0 a.m.•24 views

Ubuntu: Security Advisory (USN-4055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.1AI score0.0057EPSS

Exploits1References2

OSV•added 2018/07/13 8:29 p.m.•17 views

CVE-2016-9487

EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf...

7.8CVSS7.1AI score

Exploits0References2

NVD•added 2018/07/13 8:29 p.m.•14 views

CVE-2016-9487

7.8CVSS7.6AI score0.00133EPSS

Exploits0References2

UbuntuCve•added 2018/07/13 8:29 p.m.•19 views

CVE-2016-9487

7.8CVSS7.2AI score0.00133EPSS

Exploits0References2

Cvelist•added 2018/07/13 8:0 p.m.•26 views

CVE-2016-9487 EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks

7.6AI score0.00133EPSS

Exploits0References2

CVE•added 2018/07/13 8:0 p.m.•53 views

CVE-2016-9487

Summary of CVE-2016-9487 (EpubCheck 4.0.1): The vulnerability arises from improper restriction of XML External Entities (XXE) when parsing XML in EPUBs during validation, allowing a specially crafted EPUB to read arbitrary files or cause the victim to issue arbitrary requests leveraging trust rel...

7.8CVSS7.6AI score0.00133EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by