18 matches found
CVE-2026-25808
Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpoint without authorization. This vulnerability is...
PT-2026-7177
Name of the Vulnerable Software and Affected Versions: Hollo versions prior to 0.6.20; Hollo versions prior to 0.7.2. Description: Hollo is a federated single-user microblogging software that utilizes ActivityPub for federation. A security issue exists where direct messages (DMs) and posts restricted t...
EUVD-2023-1336
Malicious code in bioql PyPI...
CVE-2023-2106
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20...
CVE-2022-2525
Improper Restriction of Excessive Authentication Attempts in GitHub repository janeczku/calibre-web prior to 0.6.20...
PT-2023-12780 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.20 Description: The issue is related to improper restriction of excessive authentication attempts in the GitHub repository janeczku/calibre-web. Recommendations: For versions prior to 0.6.20, update to versio...
Calibre-Web security vulnerability
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in Calibre-Web versions prior to 0.6.20, which stems from a weak password policy in the program...
CVE-2023-2106 Weak Password Requirements in janeczku/calibre-web
Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20...
PT-2023-17851 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web versions prior to 0.6.20 Description: The issue concerns weak password requirements in the GitHub repository janeczku/calibre-web. Recommendations: For versions prior to 0.6.20, update to version 0.6.20 or later to resolve the iss...
Calibre-Web security vulnerability
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in Calibre-Web versions prior to 0.6.20, which stems from an improper restriction on excessive authentication attempts...
libexif: "exif_entry_format_value()" buffer overflow
Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image...
libexif project security advisory July 12, 2012
libexif project security advisory July 12, 2012 PROBLEM DESCRIPTION A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. The issues are: CVE-2012-2812: A heap-based out-of-bounds array read i...
[ MDVSA-2012:106 ] libexif
Mandriva Linux Security Advisory MDVSA-2012:106 http://www.mandriva.com/security/ Package : libexif Date : July 13, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been discovered and corrected in libexif:...
ALPINE-CVE-2012-2841
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer...
CVE-2012-2845
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file...
CVE-2012-2845
Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file...
CVE-2012-2841
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer...
DEBIAN-CVE-2007-3372
The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error...