Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1612)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1612 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds...

Fedora 44 : usd (2026-502486fc61)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-502486fc61 advisory. Backport several OpenEXRCore security fixes - Fixes CVE-2026-34378 / GHSA-v76p-4qvv-vh4g; closes RHBZ2455493 - Fixes CVE-2026-34380 /...

Fedora: Security Advisory (FEDORA-2026-d939698c2e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libIex-3_4-33-3.4.9-1.1 on GA media (moderate)

libIex-34-33-3.4.9-1.1 on GA media Announcement ID: openSUSE-SU-2026:10505-1 Rating: moderate Cross-References: CVE-2026-34378 CVE-2026-34379 CVE-2026-34380 CVE-2026-34543 CVE-2026-34544 CVE-2026-34545 CVE-2026-34588 CVE-2026-34589 CVSS scores: CVE-2026-34378 SUSE : 5.5...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-34380 via openexr (>=3.4.12 <=3.4.4)

openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34380 Source advisory: SNYK:PYTHON-OPENEXR-15993236...

CVE-2026-34380

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

CVE-2026-34380

creationtimestamp| type| source ---|---|--- 2026-04-05 02:01:10+00:00| seen| https://bsky.app/profile/slackers.it/post/3mipnqc75xj2n...

CVE-2024-34380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

CVE-2024-34380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

CVE-2024-34380 WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

CVE-2024-34380

CVE-2024-34380 affects the QuantumCloud Conversational Forms for ChatBot WordPress plugin, with an Improper Neutralization of Input During Web Page Generation leading to Stored XSS in the Conversational Forms; affected versions are from n/a through 1.2.0. Red Hat and Wordfence sources confirm the...

WordPress Conversational Forms for ChatBot Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Conversational Forms for ChatBot Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34380 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 04a3b48cf9af Credits Jean Tirstan T Requir...

CVE-2022-34380

creationtimestamp| type| source ---|---|--- 2022-09-01 22:38:17+00:00| seen| https://t.me/cibsecurity/49176...

CVE-2022-34380

Dell CloudLink 7.1.3 and earlier versions contain an Authentication Bypass Using an Alternate Path or Channel vulnerability. A high-privilege local attacker could bypass authentication and access the CloudLink system console, effectively taking control of the system. Affected software: Dell Cloud...

CVE-2022-34380

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical...

CVE-2022-34380

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical...

CVE-2021-34380

Bootloader contains a vulnerability in NVIDIA MB2 where potential heap overflow might cause corruption of the heap metadata, which might lead to arbitrary code execution, denial of service, and information disclosure during secure boot...

CVE-2021-34380

CVE-2021-34380 refers to a vulnerability in the NVIDIA MB2 bootloader used on Jetson devices. The issue is described as a heap overflow that can corrupt heap metadata, with potential outcomes including arbitrary code execution, denial of service, and information disclosure during secure boot. Aff...

tubeid.co XSS vulnerability

Vulnerable URL: https://www.tubeid.co/search/videos/%3C/script%3E%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3E.html Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 34380 VIP website...

CVE-2025-34380

This CVE-2025-34380 entry is rejected/not used as stated in the Description.