CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-7661

Malicious code in bioql PyPI...

6.1CVSS4.7AI score0.00378EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 10:47 a.m.•5 views

CVE-2017-20158

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The...

6.1CVSS6.2AI score0.00378EPSS

Exploits0References1

Veracode•added 2023/01/18 12:35 a.m.•13 views

Cross-site Scripting (XSS)

vova07/yii2-fileapi-widget is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious JavaScript via the vulnerable run function in UploadAction.php...

6.1CVSS5.8AI score0.00378EPSS

Exploits0References4Affected Software1

OSV•added 2023/01/02 11:15 p.m.•4 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.4CVSS9.4AI score

Exploits0References2

NVD•added 2023/01/02 11:15 p.m.•23 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.4CVSS7.7AI score0.0159EPSS

Exploits3References2

OSV•added 2023/01/02 11:15 p.m.•2 views

DEBIAN-CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.4CVSS8.3AI score0.0159EPSS

Exploits3References1

Prion•added 2023/01/02 11:15 p.m.•19 views

Design/Logic Flaw

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

4.3CVSS7.8AI score0.0159EPSS

Exploits3References2Affected Software1

UbuntuCve•added 2023/01/02 11:15 p.m.•22 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.4CVSS7.1AI score0.0159EPSS

Exploits3References3

Cvelist•added 2023/01/02 12:0 a.m.•22 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.7AI score0.0159EPSS

Exploits3References2

CVE•added 2023/01/02 12:0 a.m.•82 views

CVE-2019-13768

Use-after-free in Chrome's FileAPI (CVE-2019-13768) affects Google Chrome

7.4CVSS7.6AI score0.0159EPSS

Exploits3References2Affected Software1

Vulnrichment•added 2023/01/02 12:0 a.m.•13 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

6.8AI score0.0159EPSS

Exploits3References2

Debian CVE•added 2023/01/02 12:0 a.m.•24 views

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chrome security severity: High...

7.4CVSS8.4AI score0.0159EPSS

Exploits3

OSV•added 2022/12/31 12:30 p.m.•16 views

GHSA-J82X-FH8H-326G Yii2 FileAPI Widget vulnerable to Cross-site Scripting

A vulnerability was found in vova07 Yii2 FileAPI Widget up to 0.1.8. It has been declared as problematic. Affected by this vulnerability is the function run of the file actions/UploadAction.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched...

6.1CVSS6AI score0.00378EPSS

Exploits0References6

Github Security Blog•added 2022/12/31 12:30 p.m.•23 views

Yii2 FileAPI Widget vulnerable to Cross-site Scripting

6.1CVSS6AI score0.00378EPSS

Exploits0References6Affected Software1

OSV•added 2022/12/31 11:15 a.m.•7 views

CVE-2017-20158

6.1CVSS6.1AI score

Exploits0References4

NVD•added 2022/12/31 11:15 a.m.•8 views

CVE-2017-20158

6.1CVSS0.00378EPSS

Exploits0References4

Prion•added 2022/12/31 11:15 a.m.•6 views

Cross site scripting

5.8CVSS6AI score0.00378EPSS

Exploits0References4Affected Software1

CVE•added 2022/12/31 10:0 a.m.•73 views

CVE-2017-20158

The CVE-2017-20158 entry concerns vova07 Yii2 FileAPI Widget up to 0.1.8. The vulnerability affects the run() function in actions/UploadAction.php, where manipulation of the file parameter enables a Cross-Site Scripting (XSS) vulnerability. It can be exploited remotely. A fix is available in vers...

6.1CVSS4.7AI score0.00378EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2022/12/31 12:0 a.m.•1 views

PT-2022-8023 · Unknown · Vova07 Yii2 Fileapi Widget

Name of the Vulnerable Software and Affected Versions: vova07 Yii2 FileAPI Widget versions up to 0.1.8 Description: A vulnerability was found in the vova07 Yii2 FileAPI Widget, which has been declared as problematic. The issue affects the run function of the file actions/UploadAction.php. The...

6.1CVSS4.2AI score0.00378EPSS

Exploits0References13

Tenable Nessus•added 2019/04/09 12:0 a.m.•39 views

RHEL 6 : chromium-browser (RHSA-2019:0708)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0708 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 73.0.3683.75. Security Fixes:...

9.3CVSS7.6AI score0.19638EPSS

Exploits3References34

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by