MAL-2025-13218 Malicious code in @zalastax/nolb-pop (npm)

The package @zalastax/nolb-pop was found to contain malicious code...

CVE-2019-13218

Division by zero in the predictpoint function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

openSUSE Security Advisory (openSUSE-SU-2025:0039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : stb (openSUSE-SU-2025:0039-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0039-1 advisory. Addressing the follow security issues boo1216478: CVE-2019-13217: heap buffer overflow in startdecoder CVE-2019-13218: stack buffer overflow in...

CVE-2024-13218

creationtimestamp| type| source ---|---|--- 2025-01-31 06:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdx4qn7k2p 2025-01-31 06:19:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113921514107719292 2025-01-31 07:30:48+00:00| seen|...

CVE-2024-13218

The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13218

The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13218 Fast Tube <= 2.3.1 - Reflected XSS

The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2020-13218

CVE-2020-13218 is rejected/not used and does not represent an active vulnerability entry.

CVE-2020-13218

...

CVE-2019-13218

Division by zero in the predictpoint function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

CVE-2019-13218

Division by zero in the predictpoint function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...

CVE-2019-13218

CVE-2019-13218 affects stb_vorbis via a stack buffer overflow in compute_codewords(). Multiple advisories (openSUSE-SU-2025:0039-1, Debian DLA-3305-1) list stb as impacted and describe a fix by upgrading to patched libstb/stb. Affected product: stb_vorbis (library/stb). Root cause: stack buffer o...

CVE-2017-13218

The CVE-2017-13218 entry documents a side-channel information-disclosure vulnerability caused by access to CNTVCT_EL0 in various ARM-based devices (e.g., Small Cell SoC, Snapdragon lines). Affected components include listed CPUs/SoCs (FSM9055, IPQ4019, IPQ8064, MDM9xxx, SD series, etc.) and relat...