13 matches found
CVE-2015-10105 IP Blacklist Cloud Plugin CSV File Import ip_blacklist_cloud.php valid_js_identifier path traversal
A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function valid_js_identifier of the file ip_blacklist_cloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It i...
PT-2023-10284 · WordPress · Ip Blacklist Cloud Plugin
Name of the Vulnerable Software and Affected Versions: IP Blacklist Cloud Plugin versions up to 3.42 Description: A critical vulnerability was found in the IP Blacklist Cloud Plugin on WordPress, affecting the valid_js_identifier function of the ip_blacklist_cloud.php file in the CSV File Import...
SUSE CVE-2018-3847
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this...
WordPress plugin WPUpper Share Buttons Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2018-19020
When CX-Supervisor Versions 3.42 and prior processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array...
CVE-2018-19020
When CX-Supervisor Versions 3.42 and prior processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array...
CVE-2018-19019
A type confusion vulnerability exists when processing project files in CX-Supervisor Versions 3.42 and prior. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...
Omron CX-Supervisor Command Injection Vulnerability (NVD-C-2019-12033)
Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...
Multiple Buffer Overflow Vulnerabilities in CFITSIO
CFITSIO library is a C library for reading and writing data files in FITS (Flexible Image Transfer System) data format. Multiple buffer overflow vulnerabilities exist in the image parsing functionality in CFITSIO library version 3.42. An attacker can exploit this vulnerability by sending a speciall...
UBUNTU-CVE-2018-3847
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this...
PT-2018-16241 · Nasa · Cfitsio
Name of the Vulnerable Software and Affected Versions: CFITSIO library version 3.42 Description: Multiple exploitable buffer overflow vulnerabilities exist in the image parsing functionality. Specially crafted images parsed via the library can cause a stack-based buffer overflow, overwriting...
NASA CFITSIO 'ffghtb' function heap buffer overflow vulnerability
NASA CFITSIO is a FITS file subroutine library for reading and writing data files in FITS (Flexible Image Transfer System) format. A heap buffer overflow vulnerability exists in the 'ffghtb' function in NASA CFITSIO version 3.42. An attacker could exploit this vulnerability by sending a FIT image t...
PT-2018-16243 · Nasa +1 · Cfitsio +1
Name of the Vulnerable Software and Affected Versions: NASA CFITSIO version 3.42 Description: The issue is related to a stack-based buffer overflow in the ffghtb function. This can be triggered by specially crafted images parsed via the library, potentially allowing an attacker to overwrite...