VYPR

Files

by User Attachments

CVEs (37)

  • CVE-2026-3946LowMar 11, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site scripting. The attack is possible to be carried out remotely. The exploit is…

  • CVE-2026-4833LowMar 26, 2026
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made…

  • CVE-2026-2069LowFeb 6, 2026
    risk 0.21cvss 3.3epss 0.00

    A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be…

  • CVE-2025-10823LowSep 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in axboe fio up to 3.41. This affects the function str_buffer_pattern_cb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could…

  • CVE-2025-6536LowJun 24, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The…

  • CVE-2025-6497LowJun 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been…

  • CVE-2025-6496LowJun 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack.…

  • CVE-2026-8275LowMay 11, 2026
    risk 0.17cvss 3.7epss 0.01

    A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The…

  • CVE-2026-5037LowMar 29, 2026
    risk 0.14cvss 3.3epss 0.00

    A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local…

  • CVE-2026-4174LowMar 16, 2026
    risk 0.14cvss 3.3epss 0.00

    A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local…

  • CVE-2025-54790Aug 1, 2025
    risk 0.00cvss epss 0.00

    Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10.

  • CVE-2025-54789Aug 1, 2025
    risk 0.00cvss epss 0.00

    Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s…

  • CVE-2025-2091Jun 16, 2025
    risk 0.00cvss epss 0.00

    An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

  • CVE-2018-20592Dec 30, 2018
    risk 0.00cvss epss 0.01

    In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.

  • CVE-2018-20593Dec 30, 2018
    risk 0.00cvss epss 0.01

    In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.

  • CVE-2018-20004Dec 10, 2018
    risk 0.00cvss epss 0.02

    An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml.

  • CVE-2018-20005Dec 10, 2018
    risk 0.00cvss epss 0.01

    An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

Page 2 of 2