242 matches found
CVE-2025-11014
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
DEBIAN-CVE-2025-11014
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
UBUNTU-CVE-2025-11014
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
CVE-2025-11014 OGRECave Ogre Image OgreSTBICodec.cpp encode heap-based overflow
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
CVE-2025-11014
CVE-2025-11014 affects OGRECave OGRE up to 14.4.1, specifically the function STBIImageCodec::encode in OgreSTBICodec.cpp under the Image Handler. The issue is a heap-based buffer overflow, exploitable via local access, with an exploit publicly released. Several connected sources (Snyk entries and...
Vvveb Security Vulnerability
Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from an information disclosure issue in the Image Handler component...
PT-2025-39656
Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A security flaw exists in the Image Handler component of givanz Vvveb. Manipulation of this component can lead to information disclosure. Remote exploitation is possible, and the exploit has been...
PT-2025-39635
Name of the Vulnerable Software and Affected Versions: OGRECave Ogre versions up to 14.4.1 Description: A security flaw exists in OGRECave Ogre, potentially leading to a heap-based buffer overflow. The issue is located within the STBIImageCodec::encode function in the...
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10254
Affected software: Ascensio System SIA OnlyOffice up to 12.7.0. Vulnerable component: SVG Image Handler processing of /Products/Projects/Messages.aspx. Root cause: unknown processing leads to cross-site scripting. Impact: cross-site scripting with remote initiation potential; exploit publicly ava...
CVE-2025-10254 Ascensio System SIA OnlyOffice SVG Image Messages.aspx cross site scripting
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
Ascensio System ONLYOFFICE Security Vulnerability
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE version 12.7.0 and earlier, which stems from improper handling of the SVG Image Handler component in file /Products/Projects/Messages.aspx, which could lead ...
PT-2025-37191
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions up to 12.7.0 Description: A cross site scripting issue exists due to unknown processing of the file /Products/Projects/Messages.aspx within the SVG Image Handler component. The attack can be initiated remotely. The exploit...
CVE-2025-9416
A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been...
CVE-2025-9422
A vulnerability was found in oitcode samarium up to 0.9.6. This impacts an unknown function of the file /dashboard/team of the component Team Image Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used...
SUSE-SU-2025:20663-1 Security update for jbigkit
This update for jbigkit fixes the following issues: - CVE-2022-1210: Malicious file leads to a denial of service in TIFF File Handler bsc1198146...