37 matches found
NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2024-0053)
The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A use-after-free issue was found in the AudioSourceProviderGStreamer class of WebKitGTK and WPE WebKit in versions prior to 2.30.5. Processing maliciously...
Important: webkitgtk4
Issue Overview: A logic issue was addressed with improved state management. CVE-2020-22592 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2,...
CVE-2023-29623
creationtimestamp | type | source
---|---|---
2023-04-14 07:30:37+00:00 | seen | https://t.me/cibsecurity/62104
2025-02-26 21:25:37+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/5619...
CVE-2023-29623
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchaseorder/classes/login.php...
CVE-2023-29623
CVE-2023-29623 : Purchase Order Management v1.0 contains a reflected XSS vulnerability exploitable via the password parameter in /purchase_order/classes/login.php. The Nuclei template corroborates this finding and describes the impact as malicious scripts executing in a victim’s browser, potentia...
SUSE: Security Advisory (SUSE-SU-2022:3889-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2021-29623 affecting package exiv2 for versions less than 0.27.5-1
CVE-2021-29623 affecting package exiv2 for versions less than 0.27.5-1. An upgraded version of the package is available that resolves this issue...
@aoboxinda/budget (>=0.1.155 <=0.1.186), @apostrophecms/form (>=1.0.0 <=1.5.1) +574 more potentially affected by CVE-2022-29623 via connect-multiparty (>=0.1.1 <=2.2.0)
connect-multiparty NPM version =0.1.1, =0.1.155, =1.0.0, =1.1.0, =0.0.1, =0.0.1, =0.1.0, =0.58.14, =0.1.0, =0.1.1, =0.1.0, =0.1.1, =5.0.0, =0.12.2, =1.0.1, =1.0.3 and more Source cves: CVE-2022-29623 Source advisory: OSV:GHSA-W2XW-44R3-4V9G...
CVE-2022-29623
creationtimestamp | type | source
---|---|---
2022-05-16 18:26:25+00:00 | seen | https://t.me/cibsecurity/42733
2025-05-20 06:39:42+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/16952...
CVE-2022-29623
An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report...
CVE-2022-29623
CVE-2022-29623 describes an arbitrary file upload vulnerability in the file upload module of Connect-Multiparty 2.2.0 (Express Connect-Multiparty). The underlying issue allows an attacker to execute arbitrary code by supplying a crafted PDF file. The vulnerability is documented across multiple so...
Mageia: Security Advisory (MGASA-2021-0181)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Moderate: Red Hat Security Advisory: exiv2 security, bug fix, and enhancement update
An update for exiv2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update
GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ1909300) Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)...
Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
RLSA-2021:4173 Moderate: exiv2 security, bug fix, and enhancement update
Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. The following packages have been upgraded to ...
EulerOS 2.0 SP5 : exiv2 (EulerOS-SA-2021-2495)
According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialize...
[ASA-202106-54] exiv2: multiple issues
Arch Linux Security Advisory ASA-202106-54
==========================================
Severity: Low
Date    : 2021-06-22
CVE-ID  : CVE-2021-3482 CVE-2021-29457 CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617
Package : exiv2
Type    : multiple issu...