CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

192 matches found

CVE-2026-30041

CVE-2026-30041 affects FastStone Image Viewer v8.3 and earlier, due to an integer overflow in the PSD parser component caused by invalid height handling, which leads to a heap-based buffer overflow. Exploitation with a crafted PSD file could allow arbitrary code execution or cause a DoS. Public s...

7.5CVSS6.2AI score

Exploits0References2

ATTACKERKB•added 2026/06/05 1:24 p.m.•5 views

CVE-2026-50231

Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in the log viewer that allows attackers to inject malicious scripts by exploiting unescaped template variables. Attackers can inject XSS payloads through search, lines, and path query parameters or by...

7.2CVSS5.6AI score0.00183EPSS

Exploits2References3Affected Software1

CNNVD•added 2026/06/05 12:0 a.m.•8 views

Lyrion Music Server 跨站脚本漏洞

Lyrion Music Server is an audio server software developed by the Lyrion organization. Version 9.2.0 of Lyrion Music Server contains a cross-site scripting vulnerability. This vulnerability stems from an unvalidated storage-based cross-site scripting flaw present in the log viewer, which may allow...

7.2CVSS5AI score0.00183EPSS

Exploits2References2

IBM Security Bulletins•added 2026/05/31 4:46 p.m.•14 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in uuid (CVE-2026-41907)

Summary A vulnerability in the uuid generation utility library CVE-2026-41907 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading the component to version 9.0.1. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122...

9.3CVSS5.7AI score0.00337EPSS

Exploits1Affected Software1

EUVD•added 2026/05/22 5:21 p.m.•10 views

EUVD-2026-31480

TypeBot is a chatbot builder tool. In versions prior to 3.16.0, the Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser...

5.4CVSS5.8AI score0.00241EPSS

Exploits0References3

Vulnrichment•added 2025/10/14 7:7 p.m.•2 views

CVE-2025-54273 Substance3D - Viewer | Out-of-bounds Write (CWE-787)

Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.5AI score0.00176EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-16961

Malware in sbrugna...

6.1CVSS7.7AI score0.01445EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2017-5799

Malware in sbrugna...

7.8CVSS7.7AI score0.00373EPSS

Exploits0References2