19 matches found
SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2026:2853-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2853-1 advisory. Update to version 4.7.2. Security issues fixed: - CVE-2026-12912: heap-based buffer overflow when processing...
OESA-2026-2837 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
OESA-2026-2834 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
SUSE CVE-2026-36849
unknown...
DEBIAN-CVE-2026-36849
Bulletin has no description...
CVE-2026-36849
creationtimestamp| type| source ---|---|--- 2026-06-17 01:42:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3moh6qy7igr2p...
Linux Distros Unpatched Vulnerability : CVE-2026-36849
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - tiff - None Ubuntu Linux - Denial of Service via large SamplesPerPixel tag CVE-2026-36849 Note that Nessus relies on the presence of the package ...
CVE-2020-36849
The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...
CVE-2020-36849
The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...
CVE-2020-36849 AIT CSV import/export <= 3.0.3 - Unauthenticated Arbitrary File Upload
The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to...
CVE-2020-36849
The CVE-2020-36849 entry concerns the AIT CSV import/export plugin for WordPress (versions up to 3.0.3). The root cause is missing file type validation in admin/upload-handler.php, enabling arbitrary file uploads on the vulnerable site and potentially remote code execution. Public references incl...
CVE-2023-36849
An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon l2cpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. When a malformed LLDP packet is received, l2cpd will...
CVE-2023-36849
CVE-2023-36849 affects Juniper Networks Junos OS and Junos OS Evolved; the issue is an Improper Check or Handling of Exceptional Conditions in the Layer-2 control protocols daemon (l2cpd). A malformed LLDP packet can cause l2cpd to crash and restart, reinitializing STP (RSTP/MSTP/VSTP), MVRP and ...
CVE-2022-36849
Use after free vulnerability in sdpmmsetprocesssensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions...
CVE-2022-36849
CVE-2022-36849 is a use-after-free vulnerability in the sdp_mm_set_process_sensitive function of the sdpmm driver, affecting Samsung devices in the SMR Sep-2022 Release 1. The issue arises from post-release reuse in the sdpmm driver and could allow malicious actions. Publicly documented impact fo...
CVE-2021-36849
creationtimestamp| type| source ---|---|--- 2022-07-20 22:12:12+00:00| seen| https://t.me/cibsecurity/46712...
CVE-2021-36849
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in René Hermenau's Social Media Share Buttons plugin = 3.8.1 at WordPress...
CVE-2021-36849
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in René Hermenau's Social Media Share Buttons plugin = 3.8.1 at WordPress...
CVE-2021-36849
CVE-2021-36849 affects the MashShare/WordPress Social Media Share Buttons plugin (