36 matches found

RedhatCVE
added 2025/12/11 5:16 a.m. · 8 views

CVE-2025-59788

A flaw was found in Nextcloud's PDF (Portable Document Format) viewer. This vulnerability allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted PDF file to viewer.html in the files_pdfviewer example directory...

6.4 CVSS · 6.9 AI score · 0.00246 EPSS
Exploits: 1 · References: 2
OpenVAS
added 2025/12/09 12:0 a.m. · 6 views

Nextcloud Server Multiple Vulnerabilities (GHSA-24wp-p865-7j4r)

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:nextcloud:nextcloud_server"...

8.8 CVSS · 7.7 AI score · 0.72648 EPSS
Exploits: 15 · References: 2
Vulnrichment
added 2025/12/04 12:0 a.m. · 3 views

CVE-2025-59788

Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1 allows attackers to execute arbitrary JavaScript in...

6.4 CVSS · 8.1 AI score · 0.00246 EPSS
Exploits: 1 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-23939

Malicious code in bioql PyPI...

8.8 CVSS · 6.6 AI score · 0.0035 EPSS
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-58595

Malicious code in bioql PyPI...

9.4 CVSS · 9.1 AI score · 0.00991 EPSS
Exploits: 0 · References: 4
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-19729

Malicious code in bioql PyPI...

5.4 CVSS · 6.6 AI score · 0.00219 EPSS
Exploits: 0 · References: 6
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-30752

Malicious code in bioql PyPI...

3.5 CVSS · 5 AI score · 0.00341 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2025/09/03 12:0 a.m. · 3 views

PT-2025-49115

Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 22.2.10.33; Nextcloud versions prior to 23.0.12.29; Nextcloud versions prior to 24.0.12.28; Nextcloud versions prior to 25.0.13.23; Nextcloud versions prior to 26.0.13.20; Nextcloud versions prior to 27.1.11.20; Nextcloud...

6.5 CVSS · 6.1 AI score · 0.00246 EPSS
Exploits: 1 · References: 9
NVD
added 2025/08/07 6:15 p.m. · 3 views

CVE-2025-51629

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

8.8 CVSS · 0.0035 EPSS
Exploits: 0 · References: 3
CVE
added 2025/08/07 12:0 a.m. · 15 views

CVE-2025-51629

CVE-2025-51629 is an XSS in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1. The root cause is improper handling of the Temp parameter, allowing an attacker to inject crafted payloads that execute scripts/HTML. Affected product: Agenzia Impresa Eccobook (PdfViewer, version 2.81.1). Imp...

8.8 CVSS · 5.6 AI score · 0.0035 EPSS
Exploits: 0 · References: 3
CNNVD
added 2025/08/07 12:0 a.m. · 2 views

Agenzia Impresa EccoBook Security Vulnerability

Agenzia Impresa EccoBook is a ledger software from Agenzia Impresa, Italy. A security vulnerability exists in Agenzia Impresa EccoBook version 2.81.1, which stems from the improper handling of the Temp parameter by the PdfViewer component, which could lead to a cross-site scripting attack...

8.8 CVSS · 6 AI score · 0.0035 EPSS
Exploits: 0 · References: 3
Cvelist
added 2025/08/07 12:0 a.m. · 8 views

CVE-2025-51629

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

0.0035 EPSS
Exploits: 0 · References: 3
Vulnrichment
added 2025/08/07 12:0 a.m. · 2 views

CVE-2025-51629

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter...

5.5 AI score · 0.0035 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2025/08/07 12:0 a.m. · 4 views

PT-2025-32293 · Unknown · Agenzia Impresa Eccobook

Name of the Vulnerable Software and Affected Versions: Agenzia Impresa Eccobook version 2.81.1. Description: A cross-site scripting (XSS) vulnerability exists in the PdfViewer component. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Temp...

8.8 CVSS · 5.6 AI score · 0.0035 EPSS
Exploits: 0 · References: 6
RedhatCVE
added 2025/07/04 3:24 p.m. · 9 views

CVE-2025-6725

In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...

5.4 CVSS · 5.5 AI score · 0.00219 EPSS
Exploits: 0 · References: 1
NVD
added 2025/07/02 3:15 p.m. · 5 views

CVE-2025-6725

In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...

5.4 CVSS · 0.00219 EPSS
Exploits: 0 · References: 6
Cvelist
added 2025/07/02 2:39 p.m. · 7 views

CVE-2025-6725 Cross-Site Scripting (XSS) in PdfViewer

In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...

5.4 CVSS · 0.00219 EPSS
Exploits: 0 · References: 6
Vulnrichment
added 2025/07/02 2:39 p.m. · 3 views

CVE-2025-6725 Cross-Site Scripting (XSS) in PdfViewer

In the PdfViewer component, a Cross-Site Scripting (XSS) vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...

5.4 CVSS · 5.5 AI score · 0.00219 EPSS
Exploits: 0 · References: 6
CVE
added 2025/07/02 2:39 p.m. · 40 views

CVE-2025-6725

CVE-2025-6725 is a Cross-Site Scripting (XSS) vulnerability reported in the PdfViewer component across Progress Telerik UI products (e.g., UI for ASP.NET Core/Blazor/ASP.NET MVC, Kendo UI for React/Angular/jQuery). The root cause, as described in the initial materials, is insufficient validation ...

5.4 CVSS · 5.5 AI score · 0.00219 EPSS
Exploits: 0 · References: 6
Positive Technologies
added 2025/07/02 12:0 a.m. · 4 views

PT-2025-27642 · Unknown · Pdf Viewer

Name of the Vulnerable Software and Affected Versions: PdfViewer (affected versions not specified). Description: A Cross-Site Scripting (XSS) issue is possible in the PdfViewer component when a specially-crafted document is loaded and the user interacts with a tool that requires the DOM to be...

5.4 CVSS · 5.4 AI score · 0.00219 EPSS
Exploits: 0 · References: 9