CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1247 matches found

Avaya Aura Device Services - OS Command Injection

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier. id: CVE-2023-3722 info: name:...

9.8CVSS7.8AI score0.03334EPSS

Exploits1References2

NVD•added 4 days ago•7 views

CVE-2026-56218

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealing user physical location at capture time...

6.9CVSS0.00205EPSS

Exploits0References2

EUVD•added 4 days ago•6 views

EUVD-2026-38114

6.9CVSS5.8AI score0.00205EPSS

Exploits0References2

ATTACKERKB•added 4 days ago•5 views

CVE-2026-56218

6.9CVSS5.8AI score0.00205EPSS

Exploits0References3

AstraLinux•added 5 days ago•7 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with appropriately crafted file names...

7.5CVSS7.4AI score0.05291EPSS

Exploits0References2

NVD•added 2026/06/15 12:16 p.m.•18 views

CVE-2026-34030

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created. The branch code is later used in multiple application functions, including filesystem path generation for uploaded files, profile pictures, and...

6.9CVSS0.00327EPSS

Exploits1References2

Positive Technologies•added 2026/06/15 12:0 a.m.•8 views

PT-2026-49201

6.9CVSS5.3AI score0.00327EPSS

Exploits1References3

NVD•added 2026/06/12 9:16 p.m.•8 views

CVE-2026-53607

ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, when prettyUrls: true is enabled on @apostrophecms/file a documented SEO feature for serving uploaded files at clean URLs, the public pretty-URL handler builds the upstream URL using the raw...

3.7CVSS0.00226EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:51 p.m.•5 views

CVE-2025-27850

The locally served web site on the Garmin WDU v1 1.4.6 and v2 5.0 allows a symlink attack. If a malicious graphics package containing symlinks is uploaded, the web server follows the supplied links when serving content. No mechanisms to restrict those link targets to a specific area of the...

7.5CVSS5.5AI score0.00387EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:45 p.m.•7 views

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

9.8CVSS6AI score0.00475EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:33 p.m.•7 views

CVE-2026-9236

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmaccampaignsaction function. This makes it...

4.3CVSS5.5AI score0.00128EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:33 p.m.•10 views

CVE-2026-45543

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had resul...

5.3CVSS5.3AI score0.00269EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:23 p.m.•9 views

CVE-2026-25524

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as getimagesize, fileexists, and isreadable can trigger...

8.1CVSS6AI score0.00539EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:23 p.m.•9 views

CVE-2026-43982

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

8.7CVSS5.4AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:21 p.m.•7 views

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

9.2CVSS5.5AI score0.00479EPSS

Exploits0References1