ImageRecycle Pdf & Image Compression Security Vulnerabilities

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: flyte, boring-registry, nfs-subdir-external-provisioner, kubernetes-csi-driver-hostpath, kpt, go, pombump, gitlab-pages, go-licenses, rabbitmq-default-user-credential-updater, rclone, spqr, kubernetes-ingress-defaultbackend, docker-compose, wire-go, gitleaks,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: flyte, boring-registry, nfs-subdir-external-provisioner, kubernetes-csi-driver-hostpath, kpt, go, pombump, gitlab-pages, go-licenses, rabbitmq-default-user-credential-updater, rclone, spqr, kubernetes-ingress-defaultbackend, docker-compose, wire-go, gitleaks,...

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: nfs-subdir-external-provisioner, kpt, prometheus-mongodb-exporter, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey, prometheus-adapter, prometheus-node-exporter,...

CVE-2023-48795 vulnerabilities

Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, fq, prometheus-mongodb-exporter, gitlab-pages, go-licenses, pulumi, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, prometheus-adapter, prometheus-node-exporter,...

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: buildkitd, gitlab-runner, kyverno, slsa-verifier, filebeat, istio-pilot-agent, telegraf, up, zot, flux-helm-controller, tekton-chains, kubevela, kots, k9s, kargo, pulumi, goreleaser, skaffold, docker-credential-gcr, falco, helm, bom, datadog-agent, traefik, eksctl,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, kubernetes-csi-driver-hostpath, kpt, prometheus-mongodb-exporter, gitlab-pages, newrelic-nri-kube-events, rclone, pulumi, docker-compose, prometheus-elasticsearch-exporter, istio-operator, influxd,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, cni-plugins, kor, nri-nginx, helm-operator, gitlab-logger, k8ssandra-operator,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: flyte, boring-registry, nfs-subdir-external-provisioner, kubernetes-csi-driver-hostpath, kpt, go, pombump, gitlab-pages, go-licenses, rabbitmq-default-user-credential-updater, rclone, spqr, kubernetes-ingress-defaultbackend, docker-compose, wire-go, gitleaks,...

CVE-2024-24790 vulnerabilities

Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: nfs-subdir-external-provisioner, istio-pilot-agent, kpt, prometheus-mongodb-exporter, go, gitlab-pages, kubernetes-ingress-defaultbackend, pulumi, prometheus-elasticsearch-exporter, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey,...

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: boring-registry, grafana, kaniko, slsa-verifier, wolfictl, flux-image-automation-controller, zot, gitness, tekton-chains, kubevela, keda, rclone, sops, melange, pulumi, flux-kustomize-controller, spire-server, goreleaser, vault, pulumi-language-yaml, falco,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-49GW-VXVF-FC2G vulnerabilities

Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: nfs-subdir-external-provisioner, kpt, prometheus-mongodb-exporter, gitlab-pages, pulumi, prometheus-elasticsearch-exporter, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey, prometheus-adapter, prometheus-node-exporter,...

GHSA-45X7-PX36-X8W8 vulnerabilities

Vulnerabilities for packages: boring-registry, nfs-subdir-external-provisioner, istio-pilot-agent, fq, prometheus-mongodb-exporter, gitlab-pages, go-licenses, pulumi, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, prometheus-adapter, prometheus-node-exporter,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: nfs-subdir-external-provisioner, istio-pilot-agent, kpt, prometheus-mongodb-exporter, go, gitlab-pages, kubernetes-ingress-defaultbackend, pulumi, prometheus-elasticsearch-exporter, istio-operator, influxd, cluster-autoscaler, prometheus-statsd-exporter, vault, hey,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: flyte, boring-registry, nfs-subdir-external-provisioner, kubernetes-csi-driver-hostpath, kpt, go, pombump, gitlab-pages, go-licenses, rabbitmq-default-user-credential-updater, rclone, spqr, kubernetes-ingress-defaultbackend, docker-compose, wire-go, gitleaks,...

GHSA-236W-P7WF-5PH8 vulnerabilities

Vulnerabilities for packages: wolfictl, kubernetes-csi-driver-hostpath, kpt, istio-operator, prometheus-statsd-exporter, ghaudit, hey, prometheus-adapter, node-feature-discovery, speedtest-go, kubernetes-csi-external-provisioner, nvidia-container-toolkit, teleport, cni-plugins, nri-nginx,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: buildkitd, gitlab-runner, kyverno, slsa-verifier, filebeat, istio-pilot-agent, telegraf, up, zot, flux-helm-controller, tekton-chains, kubevela, kots, k9s, kargo, pulumi, goreleaser, skaffold, docker-credential-gcr, falco, helm, bom, datadog-agent, traefik, eksctl,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: aws-flb-cloudwatch, nfs-subdir-external-provisioner, nri-cassandra, fq, kpt, prometheus-mongodb-exporter, pombump, go-licenses, pulumi, dataplaneapi, wire-go, prometheus-elasticsearch-exporter, cluster-api-controller, cluster-autoscaler, prometheus-statsd-exporter,...

CVE-2024-35750

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through...

CVE-2024-35750

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through...

CVE-2024-35750 WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through...

Exploit for Code Injection in Exiftool Project Exiftool

CVE-2021-22204 Summary of the CVE Improper sanitization...

aimeos-core arbitrary file uopload vulnerability

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP...

aimeos-core arbitrary file uopload vulnerability

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP...

Cross-site scripting (XSS) vulnerability in Description metadata

Summary Regardless of the role or privileges, no user should be able to inject malicious JavaScript (JS) scripts into the body HTML. an XSS (Cross-Site Scripting) vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the.....

Cross-site scripting (XSS) vulnerability in Description metadata

Summary Regardless of the role or privileges, no user should be able to inject malicious JavaScript (JS) scripts into the body HTML. an XSS (Cross-Site Scripting) vulnerability, specifically a Stored XSS, which affects all pages of the website. Once the JS script is embedded in the body HTML, the.....

CVE-2024-36811

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP...

CVE-2024-36811

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP...

CVE-2024-5745

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2024-5745

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2024-5745 itsourcecode Bakery Online Ordering System unrestricted upload

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2024-5734

A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2024-5734

A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2024-5734 itsourcecode Online Discussion Forum poster.php unrestricted upload

A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2024-5426

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-5426

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-5481

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the...