Lucene search
K

181 matches found

Cvelist
Cvelist
added 2023/09/26 12:0 a.m.25 views

CVE-2023-44216

PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...

5.6AI score0.01809EPSS
Exploits1References9
CVE
CVE
added 2023/09/26 12:0 a.m.77 views

CVE-2023-44216

The CVE-2023-44216 entry concerns PVRIC (PowerVR Image Compression) on Imagination 2018+ GPU devices. The vulnerability stems from software-transparent compression that enables cross-origin pixel-stealing attacks against SVG Filter functions like feTurbulence and feBlend (GPU.zip issue). Affected...

5.3CVSS5.3AI score0.01809EPSS
Exploits1References9Affected Software5
RedHat Linux
RedHat Linux
added 2023/09/20 4:46 p.m.62 views

Important: Red Hat Security Advisory: libwebp security update

An update for libwebp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS7.5AI score0.99735EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2023/09/16 12:0 a.m.18 views

Fedora: Security Advisory (FEDORA-2023-f8319bd876)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.5AI score0.99735EPSS
Exploits9References5
Positive Technologies
Positive Technologies
added 2023/09/08 12:0 a.m.5 views

PT-2023-28244 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

5.5CVSS7.1AI score0.00391EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2023/09/07 12:0 a.m.15 views

ImageRecycle pdf & image compression < 3.1.11 - Reflected XSS

Description The plugin does not sanitise and escape the page parameters before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/09/04 12:15 p.m.20 views

CVE-2023-40196

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References1
OSV
OSV
added 2023/09/04 12:15 p.m.4 views

CVE-2023-40196

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...

6.1CVSS7.3AI score0.00331EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/04 11:15 a.m.25 views

CVE-2023-40196 WordPress ImageRecycle pdf & image compression Plugin <= 3.1.11 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.11 versions...

7.1CVSS6.3AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2023/09/04 11:15 a.m.48 views

CVE-2023-40196

CVE-2023-40196 describes an unauthenticated Reflected Cross-Site Scripting (XSS) in the WordPress plugin ImageRecycle pdf & image compression (versions

7.1CVSS6AI score0.00331EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/09/04 11:15 a.m.5 views

CVE-2023-30494

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...

6.1CVSS7.3AI score0.00331EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/08/11 12:0 a.m.21 views

WordPress ImageRecycle pdf & image compression Plugin <= 3.1.11 is vulnerable to Cross Site Scripting (XSS)

Software ImageRecycle pdf & image compression Type Plugin Vulnerable versions = 3.1.11 Fixed in 3.1.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40196 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3a5e55d72b53...

7.1CVSS5.6AI score0.00331EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/19 12:0 a.m.8 views

WordPress WordPress Image Compression and Optimizer Plugin – CheetahO Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Image Compression and Optimizer Plugin – CheetahO Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID...

6AI score0.00284EPSS
Exploits0References3Affected Software1
Debian
Debian
added 2023/05/31 2:32 p.m.19 views

[SECURITY] [DLA 3439-1] libwebp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3439-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 31, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

7.5CVSS7.2AI score0.00952EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/02 6:50 a.m.38 views

Important: Red Hat Security Advisory: libwebp security update

An update for libwebp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

7.5CVSS6.8AI score0.00952EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/03/15 11:56 a.m.74 views

USN-5952-1: OpenJPEG vulnerabilities

Sebastian Poeplau discovered that OpenJPEG incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affecte...

8.8CVSS7.4AI score0.04932EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.4 views

SUSE CVE-2015-6778

The CJBig2SymbolDict class in fxcodec/jbig2/JBig2SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2...

7.5CVSS9.4AI score0.01682EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/11/28 7:15 p.m.20 views

CVE-2022-4104

A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...

5.5CVSS6AI score0.0032EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.7 views

CVE-2022-4104

A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...

5.4AI score0.0032EPSS
Exploits1References1
CVE
CVE
added 2022/11/28 12:0 a.m.66 views

CVE-2022-4104

CVE-2022-4104 affects the Lepton image compression tool (Dropbox Lepton). The vulnerability is caused by a loop with an unreachable exit condition that can be triggered by passing a crafted JPEG file, resulting in a denial of service. Reported impact in sources notes a DoS condition; exploitation...

5.5CVSS5.3AI score0.0032EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder