
9 matches found

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2021-0530

Malware in sbrugna...

CVSS 8.6 · AI score 8.6 · EPSS 0.01199
Exploits: 1 · References: 5
Positive Technologies
added 2025/06/30 12:0 a.m. · 1 views

PT-2025-27464 · Electron · Electron

Name of the Vulnerable Software and Affected Versions: Electron versions prior to 28.3.2; Electron versions prior to 29.3.3; Electron versions prior to 30.0.3. Description: The issue is related to heap buffer overflows in Electron's API, specifically affecting the nativeImage.createFromPath and...

CVSS 7.3 · AI score 6.8 · EPSS 0.00046
Exploits: 0 · References: 9
CNNVD
added 2025/01/24 12:0 a.m. · 2 views

WordPress plugin Jobify - Job Board WordPress security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. WordPress plugin Jobify -...

CVSS 6.5 · AI score 8.1 · EPSS 0.00471
Exploits: 0 · References: 3
SUSE CVE
added 2023/02/15 6:11 a.m. · 1 views

SUSE CVE-2007-3996

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...

CVSS 6.8 · AI score 8.1 · EPSS 0.15128
Exploits: 1 · References: 4
Prion
added 2022/02/08 10:15 p.m. · 13 views

Design/Logic Flaw

m1k1o/blog is a lightweight self-hosted Facebook-styled PHP blog. Errors from functions `imagecreatefrom*` and `image*` have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...

CVSS 6.5 · AI score 8.7 · EPSS 0.04273
Exploits: 4 · References: 3 · Affected Software: 1
CNNVD
added 2022/02/08 12:0 a.m. · 1 views

M1k1o Blog input validation error vulnerability

M1k1o Blog is a simple self-hosted, lightweight, single-user PHP blog where you can create your own Facebook-like feed. An input validation error vulnerability exists in M1k1o Blog, which stems from an error in the product functions `imagecreatefrom*` and `image*` that is not properly checked...

CVSS 8.8 · AI score 7.9 · EPSS 0.04273
Exploits: 4 · References: 7
Prion
added 2015/09/16 2:59 p.m. · 9 views

Input validation

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...

CVSS 6.5 · AI score 7.9 · EPSS 0.00808
Exploits: 1 · References: 4 · Affected Software: 1
NVD
added 2014/08/23 1:55 a.m. · 15 views

CVE-2014-5120

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5)...

CVSS 6.4 · AI score 7.2 · EPSS 0.08774
Exploits: 0 · References: 9
FreeBSD
added 2004/10/12 12:0 a.m. · 53 views

libwmf -- multiple vulnerabilities

Mitre reports: Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than...

CVSS 10 · AI score 8.6 · EPSS 0.14039
Exploits: 5