Lucene search
+L

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.8 views

CVE-2019-15779

The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...

8.8CVSS7AI score0.00691EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15779

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADImage+0x00000000000034b0."...

7.8CVSS7.8AI score0.01222EPSS
Exploits0References3
NVD
NVD
added 2020/07/15 9:15 p.m.25 views

CVE-2020-15779

A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...

7.5CVSS0.01581EPSS
Exploits1References4
CVE
CVE
added 2020/07/15 8:42 p.m.51 views

CVE-2020-15779

CVE-2020-15779: Path traversal in socket.io-file (Node.js) up to 2.0.31. The socket.io-file::createFile path uses path.join with ../ in the name, with uploadDir and rename options further determining the target path, enabling possible arbitrary file writes. Exploitation details are not provided i...

7.5CVSS7.5AI score0.01581EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/07/15 8:42 p.m.30 views

CVE-2020-15779

A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...

7.5AI score0.01581EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2020/07/07 7:24 p.m.7 views

@best/agent-hub (>=7.0.1 <=17.0.0), best (>=7.0.1 <=17.0.0) potentially affected by CVE-2020-15779 via socket.io-file (=2.0.31)

socket.io-file NPM version =2.0.31 is affected by a known vulnerability. The following packages have a transitive dependency on socket.io-file and may be impacted: - @best/agent-hub =7.0.1, =7.0.1, =17.0.0 Source cves: CVE-2020-15779 Source advisory: OSV:GHSA-9H4G-27M8-QJRG...

7.5CVSS7.2AI score0.01581EPSS
Exploits1
OSV
OSV
added 2019/08/29 1:15 p.m.6 views

CVE-2019-15779

The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...

8.8CVSS7.3AI score0.00691EPSS
Exploits0References2
CVE
CVE
added 2019/08/29 12:34 p.m.46 views

CVE-2019-15779

The CVE-2019-15779 entry concerns the WordPress insta-gallery plugin prior to version 2.4.8, which has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete. Consequence per sources indicates lack of CSRF/authorization checks could allow unauthorized actions, including potential ...

8.8CVSS8.7AI score0.00691EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/29 12:34 p.m.23 views

CVE-2019-15779

The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qliggdismissnotice or qliggformitemdelete...

8.8AI score0.00691EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/02/01 2:0 a.m.9 views

CVE-2018-15779

...

Exploits0
CVE
CVE
added 2019/02/01 2:0 a.m.22 views

CVE-2018-15779

CVE-2018-15779 entry is rejected/not used as stated in the description.

7.3AI score
Exploits0
CVE
CVE
added 2017/10/22 5:0 p.m.49 views

CVE-2017-15779

CVE-2017-15779 affects XnView Classic for Windows 2.43. A buffer overflow in the .dwg file handling can allow arbitrary code execution or a denial of service via a specially crafted .dwg, related to memory corruption around Data from Faulting Address controlling subsequent Write Address at CADIma...

7.8CVSS7.9AI score0.01222EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder