29 matches found
EUVD-2018-12607
Malware in sbrugna...
Calibre Web 0.6.21 Cross Site Scripting
Exploit Title: Stored XSS in Calibre-web Date: 07/05/2024 Exploit Authors: Pentest-Tools.com Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/janeczku/calibre-web/ Version: 0.6.21 - Romesa Tested on: Linux 5.15.0-107, Python 3.10.12, lxml 4.9.4 CVE: CVE-2024-39123...
GHSA-J22R-3RF3-CV25 Calibre-Web Cross Site Scripting (XSS)
In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments function is vulnerable to Cross Site Scripting (XSS) due to improper sanitization performed by the clean_string function. The vulnerability arises from the way the clean_string function handles HTML sanitization...
SUSE CVE-2012-2836
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image...
libexif: divide-by-zero in exif_entry_get_value function in exif-entry.c
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error...
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error...
Design/Logic Flaw
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error...
UBUNTU-CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error...
CVE-2020-12767
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error...
CVE-2020-12767
The CVE-2020-12767 issue affects libexif version 0.6.21, where exif_entry_get_value in exif-entry.c has a divide-by-zero condition. Multiple connected notices confirm this specific vulnerability in libexif 0.6.21 and reference fix/mitigation in subsequent releases (notably libexif 0.6.22). Practi...
Code injection
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources...
libexif Denial of Service Vulnerability
libexif is a library of functions written in C to read and write EXIF meta-information from graphics files. A security vulnerability in the 'exif_data_save_data_entry' function in the libexif/exif-data.c file in libexif version 0.6.21 and earlier stems from the program failing to correctly calculate...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the libexif-debuginfo-0.6.21 package for the Red Hat Enterprise Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libexif-0.6.21 package of the Red Hat Enterprise Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libexif-0.6.21 package of the CentOS operating system can be exploited, which may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
Multiple vulnerabilities exist in the libexif package up to version 0.6.21 of the Gentoo Linux operating system. Exploitation of these vulnerabilities may lead to violations of privacy, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
ImgSvr 0.6 Template Parameter Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24853/info ImgSvr is prone to a local file-include vulnerability because it fails to sanitize user-supplied input. Attackers may exploit this issue to access files that may contain sensitive information. UPDATE December 2...
ImgSvr 0.6.21 Error Message Remote Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27033/info ImgSvr is prone to a remote script-execution vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
Mandriva Linux Security Advisory : libexif (MDVSA-2013:035)
Multiple vulnerabilities have been discovered and corrected in libexif : A heap-based out-of-bounds array read in the exif_entry_get_value function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain potentially sensitive...
CentOS Update for libexif CESA-2012:1255 centos5
Check for the Version of libexif OpenVAS Vulnerability Test CentOS Update for libexif CESA-2012:1255 centos5 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...