85 matches found
CVE-2026-36387
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files, which leads to RCE...
CVE-2025-31978
HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. The underlying issue may allow an attacker to craft data fields that, when saved to a CSV, could trigger information exfiltr...
CVE-2025-40943
Affected devices do not properly sanitize contents of trace files. This could allow an attacker to inject code by social engineering an authorized user, who has the function right "Read diagnostics", to import a specially crafted trace file. The malicious trace file is insufficiently sanitiz...
CVE-2022-27176
Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions when using 'File Sanitization Option', and RevoWorks Desktop 2.1.84 and prior versions when using 'File...
EUVD-2021-11298
Malware in sbrugna...
EUVD-2019-0235
Malware in sbrugna...
EUVD-2020-1454
Malware in sbrugna...
EUVD-2022-31712
Malicious code in bioql PyPI...
EUVD-2021-28041
Malicious code in bioql PyPI...
EUVD-2023-58050
Malicious code in bioql PyPI...
EUVD-2024-52573
Malicious code in bioql PyPI...
EUVD-2022-1312
Malicious code in bioql PyPI...
EUVD-2023-43073
Malicious code in bioql PyPI...
CVE-2025-6076
CVE-2025-6076 affects Partner Software’s Partner Software application and Partner Web application. The vulnerability arises from insufficient sanitization of files uploaded via the Reports tab, enabling an authenticated user to upload a malicious file and potentially compromise the device. The is...
CVE-2024-11184
The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts...
CVE-2023-39342
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI dangerzone-cli command logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is...
CVE-2021-20104
Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php...
CVE-2024-51446
A vulnerability has been identified in Polarion V2310 All versions, Polarion V2404 All versions V2404.4. The file upload feature of the affected application improperly sanitizes xml files. This could allow an authenticated remote attacker to conduct a stored cross-site scripting attack by uploadi...
CVE-2022-42450
Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications...