Lucene search
K

5 matches found

CVE
CVE
added 2026/07/07 8:55 p.m.22 views

CVE-2026-46672

The CVE-2026-46672 entry describes a local CSV formula-injection flaw in the @actual-app/cli before version 26.6.0. The CLI uses a hand-rolled CSV serializer in packages/cli/src/output.ts with an escapeCsv that only neutralizes RFC 4180 delimiters (comma, quote, newline) and does not neutralize c...

4.6CVSS6.1AI score0.00188EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/11 12:24 a.m.5 views

SUSE CVE-2026-28494

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-siz...

8.6CVSS6AI score0.00108EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/09 9:31 p.m.4 views

EUVD-2026-10374

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-siz...

7.1CVSS6.1AI score0.00108EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/22 9:41 p.m.13 views

Freeform Craft Plugin CP UI (builder/integrations) has Stored Cross-Site Scripting (XSS) issue

Summary An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are rendered with dangerouslySetInnerHTML without sanitization, leading to store...

5.4CVSS5.9AI score0.00253EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/08/13 8:33 p.m.5 views

CVE-2011-10015

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer 256 bytes without proper bounds checking. Exploitation allows...

9.3CVSS6.6AI score0.00429EPSS
Exploits0References7
Rows per page
Query Builder