15 matches found

ATTACKERKB
added 2026/04/07 4:35 p.m. · 2 views

CVE-2026-35608

QuickDrop is an easy-to-use file sharing application. Prior to 1.5.3, a stored XSS vulnerability exists in the file preview endpoint. The application allows SVG files to be uploaded via the /api/file/upload-chunk endpoint. An attacker can upload a specially crafted SVG file containing a JavaScrip...

5.3 CVSS · 5.9 AI score · 0.00187 EPSS
Exploits: 1 · References: 3 · Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2016-2052

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.00685 EPSS
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-20172

Malicious code in bioql PyPI...

5.3 CVSS · 6.6 AI score · 0.00189 EPSS
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-40271

Malicious code in bioql PyPI...

5.4 CVSS · 6.6 AI score · 0.00263 EPSS
Exploits: 0 · References: 2

NVD
added 2025/07/07 3:15 a.m. · 6 views

CVE-2025-53171

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function...

4 CVSS · 0.00086 EPSS
Exploits: 0 · References: 1

Cvelist
added 2025/07/07 2:8 a.m. · 5 views

CVE-2025-53176

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function...

3.3 CVSS · 0.00085 EPSS
Exploits: 0 · References: 1

CVE
added 2025/07/07 2:6 a.m. · 22 views

CVE-2025-53174

CVE-2025-53174 concerns Huawei HarmonyOS with a stack overflow risk when parsing vector images during file preview. Multiple connected sources (CNVD-2025-15514, CNNVD-202507-642) specify affected versions as HarmonyOS 5.0.1 and 5.1.0, with the vulnerability enabling exploitation that can affect t...

4 CVSS · 6.8 AI score · 0.00086 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/07/07 2:5 a.m. · 4 views

CVE-2025-53173

Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function...

5.3 CVSS · 6.8 AI score · 0.00189 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/07 12:0 a.m. · 5 views

PT-2025-28109 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: There is a risk of stack overflow when vector images are parsed during file preview. The impact of successful exploitation of this issue may affect the file preview function. Recommendations...

3.3 CVSS · 6.6 AI score · 0.00085 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/07/05 12:0 a.m. · 10 views

PT-2025-28106 · Huawei +1 · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: There is a risk of stack overflow when vector images are parsed during file preview. The impact of successful exploitation of this issue may affect the file preview function. Recommendations...

5.3 CVSS · 6.6 AI score · 0.00189 EPSS
Exploits: 0 · References: 3

RedhatCVE
added 2025/06/23 8:40 a.m. · 5 views

CVE-2025-50183

OpenList Frontend is a UI component for OpenList. Prior to version 4.0.0-rc.4, a vulnerability exists in the file preview/browsing feature of the application, where files with a .py extension that contain JavaScript code wrapped in...

6.5 CVSS · 7.2 AI score · 0.00277 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 9:17 p.m. · 15 views

CVE-2021-32622

Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can only occur after several user interactions to open the previ...

7.8 CVSS · 6.7 AI score · 0.00373 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/21 8:31 p.m. · 7 views

CVE-2002-2047

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript EPS file...

10 CVSS · 8.1 AI score · 0.03288 EPSS
Exploits: 0 · References: 1

CNNVD
added 2024/09/03 12:0 a.m. · 4 views

Xibo CMS security vulnerability

Xibo CMS is an open source content management system from Xibo Digital Signage. A security vulnerability exists in Xibo CMS versions prior to 4.1.0, which stems from vulnerability to a cross-site scripting attack that allows an authorized user to execute arbitrary JavaScript via the file preview...

5.4 CVSS · 6.4 AI score · 0.00263 EPSS
Exploits: 0 · References: 3

CVE
added 2018/07/05 4:0 p.m. · 60 views

CVE-2018-3762

CVE-2018-3762 affects Nextcloud Server prior to 12.0.8 and 13.0.3, where improper checks of dropped permissions for incoming shares let a user request previews for files they should not access. Root cause: inadequate enforcement of access control on image preview requests. Impact stated in source...

4.3 CVSS · 4.8 AI score · 0.00888 EPSS
Exploits: 0 · References: 2 · Affected Software: 1