20 matches found
RHSA-2025:19951 Red Hat Security Advisory: bind security update
Bulletin has no description...
CVE-2020-19951
A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application...
CVE-2023-40502
LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability affects LG Simple Editor. The flaw stems from improper validation of a user-supplied path in the cropImage command, allowing remote attackers to delete arbitrary files with SYSTEM context. Affected components inc...
CVE-2023-40502 LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability
LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...
Ubuntu: Security Advisory (USN-5190-1)
The remote host is missing an update for the...
USN-5190-1 graphicsmagick vulnerabilities
It was discovered that GraphicsMagick allowed reading arbitrary files via specially crafted images. An attacker could use this issue to expose sensitive information. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. (CVE-2019-12921) It was discovered that...
Mageia: Security Advisory (MGASA-2020-0102)
The remote host is missing an update for the...
CVE-2020-19951
creationtimestamp | type | source
---|---|---
2021-09-24 00:30:11+00:00 | seen | https://t.me/cibsecurity/29347...
CVE-2020-19951
The CVE-2020-19951 entry concerns a CSRF vulnerability in YzmCMS v5.5, specifically in /controller/pay.class.php. The issue enables an attacker to access sensitive components of the application due to cross-site request forgery. Connected sources consistently reference the same vulnerability in Y...
CVE-2018-19951
creationtimestamp | type | source
---|---|---
2020-11-02 18:38:52+00:00 | seen | https://t.me/cibsecurity/15776...
CVE-2018-19951
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11...
CVE-2018-19951
CVE-2018-19951 is a Cross-Site Scripting (XSS) vulnerability in QNAP Music Station web interface. The root cause is insufficient input validation by the Music Station web application, enabling remote attackers to inject client-side code. Affected versions are QNAP Music Station prior to 5.1.13, p...
Debian: Security Advisory (DSA-4640-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 4640-1] graphicsmagick security update
Debian Security Advisory DSA-4640-1; https://www.debian.org/security/; Moritz Muehlenhoff; March 15, 2020; https://www.debian.org/security/faq...
Updated graphicsmagick packages fix security vulnerabilities
Updated graphicsmagick packages fix security vulnerabilities: Fixed a use-after-free in ThrowException and ThrowLoggedException of magick/error.c (CVE-2019-19950). Fixed a heap-based buffer overflow in ImportRLEPixels (CVE-2019-19951). Fixed a heap-based buffer overflow in EncodeImage (CVE-2019-19953)...
[SECURITY] [DLA 2084-1] graphicsmagick security update
Package: graphicsmagick; Version: 1.3.20-3+deb8u8; CVE ID: CVE-2019-19950, CVE-2019-19951, CVE-2019-19953. Three issues have been found in graphicsmagick, a collection of image processing tools. They are basically a heap-based buffer over-read, heap-based buffer overflow and a use-after-free in...
openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2020:0055_1)
The remote host is missing an update for the...
openSUSE Security Update : GraphicsMagick (openSUSE-2020-55)
This update for GraphicsMagick fixes the following issues:
- CVE-2019-19950: Fixed a use-after-free in ThrowException and ThrowLoggedException of magick/error.c (boo#1159852).
- CVE-2019-19951: Fixed a heap-based buffer overflow in ImportRLEPixels (boo#1160321).
- CVE-2019-19953: Fixed a heap-based...
UBUNTU-CVE-2019-19951
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c...
CVE-2019-19951
CVE-2019-19951 affects GraphicsMagick; the issue is a heap-based buffer overflow in ImportRLEPixels() within coders/miff.c (GraphicsMagick 1.4 snapshot-20190423 Q8). Reports in connected documents confirm a heap-based overflow in ImportRLEPixels and document fixes: Mageia MGASA-2020-0102 notes th...