5 matches found
EUVD-2024-45923
Malicious code in bioql PyPI...
EUVD-2023-28009
Malicious code in bioql PyPI...
Mail auto configurator sends account information to `autoconfig.tld` server when no auto-configuration is possible
CVE-2023-33184 Blind SSRF in the Nextcloud Mail app on avatar endpoint
Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed sending GET requests to services running in the same web server. It is recommended that the Mail app is updated to version 3.02, 2.2.5 or 1.15.3...
Nextcloud: URI scheme bypass in mail app lead to HTML content spoof and opener control
Bug: When we load an HTML mail from mailbox via api, etc http://nextcloud/index.php/apps/mail/accounts//folders/SU5CT1g=/messages//html Our content will be passed to HTML Purifier to strip malicious XSS patterns. After that, a filter will apply to transform acceptable URI schemes http, https, ftp,...