50 matches found
WordPress Responsive iframe GoogleMap plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability discovered by zakaria in WordPress Plugin Responsive iframe GoogleMap versions <= 1.0.2...
CVE-2024-11813
The Pulsating Chat Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.1. This is due to missing or incorrect nonce validation on the aminchatbuttonsettingspage function. This makes it possible for unauthenticated attackers to update...
Linux Distros Unpatched Vulnerability : CVE-2018-11813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. CVE-2018-11813 Note that Nessus relies on the presence of the package as reported by...
CVE-2024-11813
creationtimestamp | type | source
---|---|---
2024-12-04 03:07:57+00:00 | seen | https://infosec.exchange/users/cve/statuses/113592347937896055
2024-12-04 05:02:37+00:00 | seen | https://t.me/cvedetector/11938...
CVE-2024-11813 Pulsating Chat Button <= 1.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Pulsating Chat Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.1. This is due to missing or incorrect nonce validation on the aminchatbuttonsettingspage function. This makes it possible for unauthenticated attackers to update...
Photon OS 5.0: Openjdk11 PHSA-2023-5.0-0032
An update of the openjdk11 package has been released. %NASLMINLEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0032. The text itself is copyright (C) VMware, Inc. include'compat.inc'; if description...
Oracle Linux 7 : libjpeg-turbo (ELSA-2019-2052)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2052 advisory. - Fix CVE-2018-14498 1687475 - Fix CVE-2018-11212 1586062 - Fix CVE-2016-3616 1318509, CVE-2018-11213 1589091 and CVE-2018-11214 1589110 Tenable has...
SUSE CVE-2018-11813
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF...
Ubuntu: Security Advisory (USN-5497-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5631-1: libjpeg-turbo vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This...
Ubuntu: Security Advisory (USN-5631-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5631-1: libjpeg-turbo vulnerabilities
It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11813 It was discovered that libjpeg-turbo...
Ubuntu 18.04 LTS / 20.04 LTS : libjpeg-turbo vulnerabilities (USN-5631-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5631-1 advisory. It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause...
Ubuntu: Security Advisory (USN-5553-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5497-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5336-1: libjpeg9 vulnerabilities
Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2016-3616 It was discovered that the cjpeg utility in libjpeg9 incorrectly handled...
CVE-2020-14151
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference ID instead of this candidate. All...
CVE-2020-14151
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference ID instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usa...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference ID instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usa...
UBUNTU-CVE-2020-14151
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidate is a duplicate of CVE-2018-11813. Notes: All CVE users should reference ID instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...