28 matches found
EUVD-2025-14660
Malicious code in bioql PyPI...
CVE-2025-46094
LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript...
CVE-2025-46094
LiquidFiles is affected prior to version 4.1.2 by a directory traversal vulnerability triggered when the pathname of a local executable file is configured as an Actionscript. The issue exposes risk to confidentiality (Low) and integrity (Low) with no availability impact in the CVE metrics. Concre...
SUSE CVE-2025-43929
openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document, e.g., a document opened in KDE ghostwriter...
CVE-2025-43929
openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document, e.g., a document opened in KDE ghostwriter...
DEBIAN-CVE-2025-43929
openactions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document, e.g., a document opened in KDE ghostwriter...
kitty security vulnerability
kitty is a Python-based GPU terminal emulator by Kovid Goyal, an individual developer in India. The software provides basic terminal functionality, uses OpenGL-based GPU rendering to reduce system load, and runs on Linux and Mac. A security vulnerability exis...
PT-2025-17401 · Kitty +1 · Kitty +1
Name of the Vulnerable Software and Affected Versions: kitty versions prior to 0.41.0 Description: The issue concerns the openactions.py script in kitty, which does not request user confirmation before executing a local executable file. This file may have been linked from an untrusted document,...
Symfony command injection vulnerability
Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony, Inc. Symfony suffers from a command injection vulnerability that originates from the presence of an executable file named cmd.exe in the current working directory, which could lead to...
SUSE CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-39904
VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...
CVE-2024-5988
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™...
SUSE CVE-2024-27303
electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects electron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...
DEBIAN-CVE-2022-1976
A flaw was found in the Linux kernel’s implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege escalation...
PT-2022-7184 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the Linux kernel's implementation of IO-URING, allowing an attacker with local executable permission to create a string of requests that can cause a use-after-free...