CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/10/20 6:23 p.m.•2 views

CVE-2025-62430

ClipBucket v5 is an open source video sharing platform. ClipBucket v5 through build 5.5.2 145 allows stored cross-site scripting XSS in multiple video and photo metadata fields. For videos the Tags field and the Genre, Actors, Producer, Executive Producer, and Director fields in Movieinfos accept...

5.4CVSS5.9AI score0.00027EPSS

Exploits1References1

NVD•added 2025/10/17 6:15 p.m.•1 views

CVE-2025-62430

5.4CVSS0.00027EPSS

EUVD•added 2025/10/17 5:50 p.m.•2 views

EUVD-2025-34915

5.4CVSS5.4AI score0.00027EPSS

Vulnrichment•added 2025/10/17 5:50 p.m.•2 views

CVE-2025-62430 ClipBucket v5 stored XSS via video/photo fields

5.4CVSS5.5AI score0.00027EPSS

OSV•added 2025/10/17 5:50 p.m.•1 views

CVE-2025-62430 ClipBucket v5 stored XSS via video/photo fields

5.4CVSS5.9AI score0.00027EPSS

Exploits1References4

Cvelist•added 2025/10/17 5:50 p.m.•5 views

CVE-2025-62430 ClipBucket v5 stored XSS via video/photo fields

5.4CVSS0.00027EPSS

CNNVD•added 2025/10/17 12:0 a.m.•2 views

ClipBucket 跨站脚本漏洞

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A cross-site scripting vulnerability exists in ClipBucket version 5.5.2 145 and prior versions, which stems from multiple video and photo metadata fields that are not...

5.4CVSS5.9AI score0.00027EPSS

Exploits1References3

Tenable Nessus•added 2025/08/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2015-6602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a 1 MP3 or 2 MP4 file, as demonstrated by an...

9.3CVSS6.5AI score0.0399EPSS

vulnersOsv•added 2025/04/30 5:41 p.m.•2 views

audio-video-metadata (>=0.1.0 <=0.1.7), fselect (>=0.3.2 <=0.8.11) +4 more potentially affected by unknown CVE via mp3-metadata (>=0.1.1 <=0.3.4)

mp3-metadata CARGO version =0.1.1, =0.1.0, =0.3.2, =0.1.2, =0.1.0, =0.2.2 Source cves: unknown CVE Source advisory: OSV:GHSA-927Q-G9W9-PM54...

5.8AI score

Exploits0

OSV•added 2024/07/08 4:15 p.m.•2 views

AZL-43224 CVE-2024-39695 affecting package exiv2 for versions less than 0.28.3-1

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.2. The vulnerability is in the parser for the ASF video format, which was a new feature in v0.28.0. The out-of-bounds...

6.5CVSS5.7AI score0.00144EPSS

SUSE CVE•added 2024/02/14 3:56 a.m.•1 views

SUSE CVE-2024-25112

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 to crash by exhausting the stack. The vulnerable function,...

5.5CVSS6.5AI score0.00015EPSS

Exploits0References4

OSV•added 2024/02/12 11:15 p.m.•4 views

AZL-42555 CVE-2024-24826 affecting package exiv2 for versions less than 0.28.3-1

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions before v0.28 are no...

5CVSS6AI score0.00041EPSS

SUSE CVE•added 2023/02/15 5:17 a.m.•1 views

SUSE CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

9.3CVSS8.1AI score0.01513EPSS

Exploits6References4

OpenVAS•added 2021/11/11 12:0 a.m.•17 views

Mozilla Firefox Security Advisory (MFSA2015-93) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.3CVSS6.5AI score0.01513EPSS

Exploits6References3

NVD•added 2019/05/07 8:29 p.m.•11 views

CVE-2018-6243

NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version: N/A...

7.8CVSS7.4AI score0.00013EPSS

Cvelist•added 2019/05/07 7:36 p.m.•13 views

CVE-2018-6243

7.5AI score0.00013EPSS

CNVD•added 2017/08/15 12:0 a.m.•0 views

Synology Video Station Cross-Site Scripting Vulnerability

Synology Video Station is a video manager from Synology.Video Metadata Editor is one of the video metadata editors. A cross-site scripting vulnerability exists in Video Metadata Editor in Synology Video Station versions prior to 2.3.0-1435. A remote attacker can exploit the vulnerability to injec...

5.4CVSS5.2AI score0.00187EPSS

OSV•added 2017/08/11 8:29 p.m.•1 views

CVE-2017-9556

Cross-site scripting XSS vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated attackers to inject arbitrary web script or HTML via the title parameter...

5.4CVSS5.9AI score