17 matches found
GHSA-GG2G-P7XC-QQMM compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection (SSTI) vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with the privileges of the running process by injecting malicious payloads in...
compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection (SSTI) vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with the privileges of the running process by injecting malicious payloads in...
PT-2026-44548
A High severity Server-Side Template Injection (SSTI) vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with the privileges of the running process by injecting malicious payloads in...
qtsvg: Uncontrolled recursion in Qt SVG module
A stack overflow flaw has been discovered in the Qt SVG module. When the module renders an SVG file that contains a <pattern> element, it might end up rendering it recursively, leading to a stack overflow DoS...
EUVD-2019-5954
Malware in sbrugna...
EUVD-2025-32309
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-10728
When the module renders an SVG file that contains a <pattern> element, it might end up rendering it recursively, leading to a stack overflow DoS...
Qt security vulnerability
Qt is a cross-platform application development framework from the Qt open-source project. A security vulnerability exists in Qt that stems from possible recursive rendering when rendering SVG files containing pattern elements, which could lead to a stack overflow denial of service...
PT-2025-40528
Name of the Vulnerable Software and Affected Versions: Qt versions 6.7.0 through 6.9.0. Description: A flaw exists that could lead to a denial-of-service (DoS) condition. This occurs when the software renders a Scalable Vector Graphics (SVG) file containing a <pattern> element, potentially resulting in recursive...
CVE-2019-14827
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
Moodle Stored Cross-site Scripting and page denial of service
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in a Cross-site Scripting risk or a page failing to load...
Cross-site Scripting (XSS)
Moodle is vulnerable to cross-site scripting. An attacker is able to inject malicious script in Mustache helper tags included in the Mustache templates via recursive rendering from contexts...
CVE-2019-14827
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
CVE-2019-14827
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
UBUNTU-CVE-2019-14827
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
Design/Logic Flaw
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...
CVE-2019-14827
A vulnerability was found in Moodle where JavaScript injection was possible in some Mustache templates via recursive rendering from contexts. Mustache helper tags that were included in template contexts were not being escaped before that context was injected into another Mustache helper, which...