181 matches found
CVE-2023-44216
PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...
CVE-2023-44216
The CVE-2023-44216 entry concerns PVRIC (PowerVR Image Compression) on Imagination 2018+ GPU devices. The vulnerability stems from software-transparent compression that enables cross-origin pixel-stealing attacks against SVG Filter functions like feTurbulence and feBlend (GPU.zip issue). Affected...
Important: Red Hat Security Advisory: libwebp security update
An update for libwebp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Fedora: Security Advisory (FEDORA-2023-f8319bd876)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2023-28244 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
ImageRecycle pdf & image compression < 3.1.11 - Reflected XSS
Description The plugin does not sanitise and escape the page parameters before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-40196
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...
CVE-2023-40196
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...
CVE-2023-40196 WordPress ImageRecycle pdf & image compression Plugin <= 3.1.11 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...
CVE-2023-40196
CVE-2023-40196 describes an unauthenticated Reflected Cross-Site Scripting (XSS) in the WordPress plugin ImageRecycle pdf & image compression (versions
CVE-2023-30494
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...
WordPress ImageRecycle pdf & image compression Plugin <= 3.1.11 is vulnerable to Cross Site Scripting (XSS)
Software ImageRecycle pdf & image compression Type Plugin Vulnerable versions = 3.1.11 Fixed in 3.1.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40196 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a5e55d72b53...
WordPress WordPress Image Compression and Optimizer Plugin â CheetahO Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Image Compression and Optimizer Plugin â CheetahO Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...
[SECURITY] [DLA 3439-1] libwebp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3439-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 31, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
Important: Red Hat Security Advisory: libwebp security update
An update for libwebp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
USN-5952-1: OpenJPEG vulnerabilities
Sebastian Poeplau discovered that OpenJPEG incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affecte...
SUSE CVE-2015-6778
The CJBig2SymbolDict class in fxcodec/jbig2/JBig2SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2...
CVE-2022-4104
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...
CVE-2022-4104
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...
CVE-2022-4104
CVE-2022-4104 affects the Lepton image compression tool (Dropbox Lepton). The vulnerability is caused by a loop with an unreachable exit condition that can be triggered by passing a crafted JPEG file, resulting in a denial of service. Reported impact in sources notes a DoS condition; exploitation...