2680 matches found
Fedora 40 : mingw-qt6-qt3d / mingw-qt6-qt5compat / mingw-qt6-qtactiveqt / etc (2024-7f2064f068)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-7f2064f068 advisory. Update to qt-6.6.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for thi...
SUSE SLES12 Security Update : jasper (SUSE-SU-2024:1396-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1396-1 advisory. - In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing...
CVE-2024-31744
In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file...
CVE-2024-31744
CVE-2024-31744 affects Jasper 4.2.2. The jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure leading to a denial-of-service condition via a crafted image file. Public exploitation details are not provided in the included documents. The entry includes a CVSS...
Jasper security vulnerability
Jasper is a flexible and powerful GitHub issue reader from the Jasper open source. A security vulnerability exists in Jasper version 4.2.2, which stems from the presence of an Assertion Failure vulnerability that allows an attacker to cause a denial of service attack via a specific image file...
Shortcodes and extra features for Phlox theme <= 2.15.2 - Subscriber+ PHP Object Injection
Description The plugin is vulnerable to PHP Object Injection via deserialization of untrusted input from the vulnerable 'id' parameter in the 'auxintemplatecontrolimporter' function. This makes it possible for authenticated attackers able to upload a separate PHAR payload as an image file to inje...
CVE-2024-3766 slowlyo OwlAdmin Image File Upload upload_image cross site scripting
A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argument file leads to cross site scripting. Th...
CVE-2024-3766
CVE-2024-3766 affects slowlyo OwlAdmin up to version 3.5.7. The issue resides in the Image File Upload component, specifically the /admin-api/upload_image path, where manipulation of the file argument enables cross-site scripting. The vulnerability can be triggered remotely, an exploit has been d...
CVE-2024-22526
Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service DoS via exr image file...
Bandisoft bandiview security vulnerability
Bandisoft bandiview is an image viewer and editor software from the Korean company Bandisoft. A security vulnerability exists in Bandisoft bandiview version v7.0, which originates from the presence of a buffer overflow vulnerability that could allow a local attacker to cause a denial of service D...
CVE-2024-22526
Bandisoft Bandiview 7.0 is affected by CVE-2024-22526 due to a buffer overflow in EXR image handling, enabling a local attacker with low privileges and no user interaction to cause a DoS. The CVSS metrics indicate a local attack vector with a high impact on availability and no impact on confident...
AZL-38737 CVE-2024-25580 affecting package qtbase for versions less than 6.6.2-1
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file...
CVE-2024-25580
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file...