PT-2024-31368

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when the crtc's connectors changed is set without enable/active getting toggled, resulting in an atomic enable call followed by an atomic disable but without an atomic...

WordPress Email Encoder plugin < 2.2.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Email Encoder Bundle versions 2.2.2...

CVE-2024-4483

The Email Encoder WordPress plugin before 2.2.2 does not escape the WPEmailEncoderBundleoptionsprotectiontext parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting...

CVE-2024-4483 Email Encoder < 2.2.2 - Admin+ Stored XSS

The Email Encoder WordPress plugin before 2.2.2 does not escape the WPEmailEncoderBundleoptionsprotectiontext parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting...

CVE-2024-4483 Email Encoder < 2.2.2 - Admin+ Stored XSS

The Email Encoder WordPress plugin before 2.2.2 does not escape the WPEmailEncoderBundleoptionsprotectiontext parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting...

CVE-2024-4483

CVE-2024-4483 affects the Email Encoder WordPress plugin prior to 2.2.2. The vulnerability is a Stored XSS where the parameter WP_Email_Encoder_Bundle_options[protection_text] is not escaped before output in an admin page attribute, enabling potentially malicious input to be stored and reflected....

PT-2024-31271 · WordPress · Email Encoder

Name of the Vulnerable Software and Affected Versions: The Email Encoder WordPress plugin versions prior to 2.2.2 Description: The issue is related to a Stored Cross-Site Scripting problem. It occurs because the WP Email Encoder Bundle optionsprotection text parameter is not properly escaped befo...

WordPress plugin Email Encoder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

WordPress Email Encoder Bundle Plugin < 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Email Encoder Bundle Type Plugin Vulnerable versions 2.2.2 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4483 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5d3ad3645d3e Credits Krugov Artyom Require...

PT-2024-35516

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer error issue has been resolved in the Linux kernel. The problem was addressed by adding an encoder check in hdcp2 get capability and intel hdcp2 get capability to prevent t...

PT-2024-35517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue in the Linux kernel has been resolved. The problem occurred in the drm/i915/hdcp component, specifically in the intel hdcp get capability function. This...

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted xy offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

...

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.

...

A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.

...

PT-2024-6319 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Media Encoder. This vulnerability could allow an attacker to execute code in the context of the current us...

PT-2024-6321 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations su...

PT-2024-6318 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

PT-2024-6320 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...

PT-2024-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A buffer overflow error has been resolved in the Linux kernel, specifically in the dcn401 stream encoder create function. The issue arises from an out-of-bounds access on the stream en...

[SECURITY] Fedora 40 Update: jpegxl-0.8.3-1.fc40

This package contains a reference implementation of JPEG XL encoder and decoder...