42 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-5308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available.
- PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage...
CVE-2023-5308
The Podcast Subscribe Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'podcast_subscribe' shortcode in versions up to, and including, 1.4.8 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated...
SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:3541-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3541-1 advisory.
- CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection (bsc#1023190)
- CVE-2017-6840: Fixed...
CVE-2019-5308
creationtimestamp| type| source
---|---|---
2024-03-05 16:52:10+00:00| seen| https://t.me/ctinow/200434...
MAL-2024-655 Malicious code in wlwz-2312-5308 (npm)
Source: ghsa-malware (9b015561e61c1ec8b453020ad3cb9d771384244bd9417ea7139a42803878cffd). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
openssl security update
1:3.0.7-25.0.1
- Replace upstream references (Orabug: 34340177)

1:3.0.7-25
- Provide relevant diagnostics when FIPS checksum is corrupted. Resolves: RHEL-5317
- Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295
- Provide empty evp_properties section in main OpenSSL configuration fi...
CVE-2023-5308
creationtimestamp| type| source
---|---|---
2023-10-20 12:41:19+00:00| seen| https://t.me/cibsecurity/72676...
CVE-2023-5308
CVE-2023-5308 refers to the WordPress plugin Podcast Subscribe Buttons. The vulnerability is a Stored Cross-Site Scripting (XSS) via the podcast_subscribe shortcode, present in versions up to and including 1.4.8, caused by insufficient input sanitization and output escaping on user-supplied attri...
WordPress Podcast Subscribe Buttons Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)
Software: Podcast Subscribe Buttons
Type: Plugin
Vulnerable versions: <= 1.4.8
Fixed in: 1.4.9
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-5308
Patch priority: Low
CVSS severity: Low (6.5)
PSID: 8270a6ea885e
Credits: Lana Codes...
Ubuntu: Security Advisory (USN-5308-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DSA-5308-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2020-5308
PHPGurukul Dairy Farm Shop Management System 1.0 is affected by SQL injection (CVE-2020-5307) as demonstrated by input vectors in index.php (username), add-category.php (category, CategoryCode), add-company.php (CompanyName), and add-product.php (ProductName, ProductPrice). Root cause: lack of va...
openSUSE Security Update : podofo (openSUSE-2019-66)
This update for podofo version 0.9.6 fixes the following issues:

Security issues fixed:
- CVE-2017-5852: Fix an infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp) (boo#1023067)
- CVE-2017-5854: Fix a NULL pointer dereference in PdfOutputStream.cpp (boo#1023070)
- CVE-2017-5886: Fi...
openSUSE: Security Advisory for podofo (openSUSE-SU-2019:0066-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for podofo (important)
openSUSE Security Update: Security update for podofo
Announcement ID: openSUSE-SU-2019:0066-1
Rating: important
References: 1023067 1023069 1023070 1023071 1023380 1027778 1027779 1027782 1027787 1032017 1032018 1032019 1035534 1035596 1037739 1075021 1075026 1075322 1075772 1084894...
Fedora Update for mingw-podofo FEDORA-2018-2807317e7a
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Fedora 27 : mingw-podofo (2018-2807317e7a)
Backport security fixes for: CVE-2017-7380, CVE-2017-7381, CVE-2017-7382, CVE-2017-7383, CVE-2017-5852, CVE-2017-5853, CVE-2017-6844, CVE-2017-5854, CVE-2017-5855, CVE-2017-5886, CVE-2018-8000, CVE-2017-6840, CVE-2017-6842, CVE-2017-6843, CVE-2017-6845, CVE-2017-6847, CVE-2017-6848, CVE-2017-7378...
Fedora Update for podofo FEDORA-2018-2f3c0cdf93
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2018-5308
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...
CVE-2018-5308
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...