Lucene search
+L

36 matches found

Snyk
Snyk
added 2026/02/25 7:12 p.m.6 views

Improper Encoding or Escaping of Output

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1753

Malware in sbrugna...

4.3CVSS6.4AI score0.01161EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-9997

Malware in sbrugna...

7.1CVSS6.8AI score0.01221EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-6564

Malware in sbrugna...

8.3CVSS6.4AI score0.01133EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-7729

Malware in sbrugna...

6.1CVSS6.3AI score0.00713EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-2296

Malware in sbrugna...

5.4CVSS5.4AI score0.00483EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-27876

Malicious code in bioql PyPI...

9.3CVSS7.7AI score0.02046EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-48903

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00342EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-6245

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.01271EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5930

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00855EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-3263

Malicious code in bioql PyPI...

5.4CVSS4.6AI score0.00239EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-27899

Malicious code in bioql PyPI...

9.3CVSS7.6AI score0.01627EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/24 12:23 a.m.11 views

CVE-2025-51863

Self Cross Site Scripting XSS vulnerability in ChatGPT Unli ChatGPTUnli.com thru 2025-05-26 allows attackers to execute arbitrary code via a crafted SVG file to the chat interface...

6.1CVSS6AI score0.00281EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.7 views

PT-2025-30421 · Unknown · Chatgpt Unli

Name of the Vulnerable Software and Affected Versions: ChatGPT Unli versions through 2025-05-26 Description: A self cross-site scripting XSS issue exists in ChatGPT Unli that allows attackers to execute arbitrary code. The issue is triggered by a crafted SVG file submitted to the chat interface...

6.1CVSS6AI score0.00281EPSS
Exploits1References5
CVE
CVE
added 2025/07/22 12:0 a.m.21 views

CVE-2025-51863

The CVE-2025-51863 issue is a Self-XSS vulnerability in ChatGPT Unli’s chat interface, exploitable via a crafted SVG file uploaded/submitted to the chat. The root cause is unsanitized SVG handling that allows arbitrary code execution, leading to cookie theft and potential remote account hijacking...

6.1CVSS6.5AI score0.00281EPSS
Exploits1References1
Veracode
Veracode
added 2025/05/27 4:51 a.m.10 views

Cross-Site Scripting (XSS)

dotnetnuke.core is vulnerable to cross-site scripting XSS. The vulnerability is due to uploaded SVG files containing scripts that, when rendered inline. It allows an attacker to execute malicious scripts in the context of the user’s browser...

6.1CVSS6.1AI score0.00244EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/25 4:12 p.m.20 views

CVE-2025-48378

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. Version 9.13.9 fixes the issue...

6.1CVSS6.2AI score0.00244EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/05/23 4:58 p.m.18 views

DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline

Uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks...

6.1CVSS6AI score0.00244EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/05/23 3:39 p.m.96 views

CVE-2025-48378

Consolidated evidence shows DNN (DotNetNuke) prior to specific versions is vulnerable to stored XSS via SVG uploads due to incomplete sanitization. CVE-2025-48378 (fixed in 9.13.9) describes that uploaded SVGs could contain scripts that execute when rendered inline. The connected advisories also ...

6.1CVSS5.8AI score0.00244EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/05/23 3:39 p.m.16 views

CVE-2025-48378 Dnn.Platform vulnerable to Stored Cross-Site Scripting (XSS) with svg files rendered inline

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. Version 9.13.9 fixes the issue...

6.1CVSS6AI score0.00244EPSS
Exploits0References4
Rows per page
Query Builder