Aggregates CVE and security vulnerability intelligence across all ansilove-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow, vendor risk memory corruption, and vendor risk denial of service and related problems; some flaws may lead to vendor impact application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-19353 | The ansilove_ansi function in loaders/ansi.c in libansilove 1.0.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. | [email protected] | 6.5 | 0.43% | 2018-11-18 | 2024-11-21 |
| CVE-2006-0695 | Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to execute arbitrary code by uploading arbitrary files with dangerous extensions, then accessing them directly in the upload directory. | [email protected] | 7.5 | 3.37% | 2006-02-15 | 2026-04-16 |
| CVE-2006-0694 | Unspecified vulnerability in the loaders (load_*.php) in Ansilove before 1.03 allows remote attackers to read arbitrary files via unspecified vectors involving "converting files accessible by the webserver". | [email protected] | 5.0 | 0.50% | 2006-02-15 | 2026-04-16 |