Lucene search
K

232 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-11963

Malware in sbrugna...

8.8CVSS8.3AI score0.02067EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-5329

Malicious code in bioql PyPI...

5.3CVSS9.1AI score0.00575EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-2818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large...

8.8CVSS7.1AI score0.01977EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-2814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing...

8.8CVSS7.3AI score0.02716EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-5060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer...

8.8CVSS8.7AI score0.04043EPSS
Exploits1References2
Snyk
Snyk
added 2025/07/29 2:43 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering of markdown images with arbitrary URLs. An attacker can obtain the IP address, browser User-Agent, and potentially other request-specific information of users by embedding image URLs that are...

9.8CVSS5.3AI score0.02095EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:50 a.m.6 views

CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

7.5CVSS7.2AI score0.01287EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 4:15 p.m.35 views

CVE-2025-32371

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. A url could be crafted to the DNN ImageHandler to render text from a querystring parameter. This text would display in the resulting image and a user that trusts the domain might think that t...

4.3CVSS0.00263EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/28 2:23 a.m.9 views

CVE-2025-0235

Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver...

5.3CVSS6.8AI score0.00575EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/26 1:56 a.m.16 views

CVE-2025-0235

Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver...

5.3CVSS0.00575EPSS
Exploits0References1
CVE
CVE
added 2025/02/26 1:56 a.m.66 views

CVE-2025-0235

CVE-2025-0235 is an out-of-bounds vulnerability caused by improper memory release during image rendering in Canon printer drivers: Generic PCL6 V4 Printer Driver, Generic UFR II V4 Printer Driver, and Generic LIPSLX V4 Printer Driver. The connected sources corroborate the same root cause across t...

5.3CVSS7.1AI score0.00575EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 1:56 a.m.6 views

CVE-2025-0235

Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver...

5.3CVSS5.3AI score0.00575EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.5 views

PT-2025-4863 · Unknown · Exif Viewer Classic

Name of the Vulnerable Software and Affected Versions: EXIF Viewer Classic versions 2.3.2 through 2.4.0 Description: The issue is caused by improper handling of EXIF meta data, leading to a cross-site scripting vulnerability. When an image is rendered and crafted EXIF meta data is processed, an...

6.1CVSS6.7AI score0.00347EPSS
Exploits0References8
Fedora
Fedora
added 2024/05/16 1:52 a.m.25 views

[SECURITY] Fedora 40 Update: djvulibre-3.5.28-9.fc40

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

6.5CVSS6.7AI score0.00869EPSS
Exploits2
NVD
NVD
added 2024/04/04 6:15 p.m.19 views

CVE-2024-25697

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which when opening an authenticated users bio page will render an image in the victims browser. The privileges required to execute...

5.4CVSS5.8AI score0.00377EPSS
Exploits0References1
NVD
NVD
added 2024/04/04 6:15 p.m.14 views

CVE-2024-25696

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

4.8CVSS5.4AI score0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/04 5:53 p.m.10 views

CVE-2024-25696 Stored XSS in Portal for ArcGIS

There is a Cross-site Scripting vulnerability in Portal for ArcGIS in versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when accessing the page editor an image will render in the victim’s browser. The privileges required to execute this attack...

4.8CVSS5.4AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 5:53 p.m.94 views

CVE-2024-25697

Summary: CVE-2024-25697 is a stored cross-site scripting issue in Portal for ArcGIS (versions 11.1 and below) where a crafted link, triggered by an authenticated user viewing a bio page, can cause an image to render in the victim’s browser. The attack requires low privileges and authenticated acc...

5.4CVSS5.8AI score0.00377EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.5 views

PT-2024-21094 · Esri · Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Portal for ArcGIS versions =11.0 Description: The issue is related to a Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link. When the victim accesses the page editor, an image will rende...

4.8CVSS6.6AI score0.00373EPSS
Exploits0References3
NVD
NVD
added 2023/11/20 6:15 p.m.36 views

CVE-2023-48240

XWiki Platform is a generic wiki platform. The rendered diff in XWiki embeds images to be able to compare the contents and not display a difference for an actually unchanged image. For this, XWiki requests all embedded images on the server side. These requests are also sent for images from other...

9CVSS0.0071EPSS
Exploits0References3
Rows per page
Query Builder