20 matches found
Astra Linux – Vulnerability in libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...
Astra Linux – Vulnerability in libwebp
A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the GetLE16 function...
CVE-2026-45430
The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...
CVE-2025-53237 WordPress WP Wizard Cloak Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Soflyy WP Wizard Cloak wp-wizard-cloak allows Reflected XSS.This issue affects WP Wizard Cloak: from n/a through = 1.0.1...
CVE-2026-0946
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...
CVE-2026-0946 AT Internet SmartTag - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-003
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal AT Internet SmartTag allows Cross-Site Scripting XSS.This issue affects AT Internet SmartTag: from 0.0.0 before 1.0.1...
PT-2026-51155
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 1.0.1 Description Unsafe pickle deserialization allows unauthenticated attackers to create arbitrary zero-byte files. This is achieved through the instantiation of the logging.FileHandler class. By crafting malicio...
PT-2025-48709
CVE-2025-12630 The https://t.co/qJXADBHssq WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing user… https://t.co/IEMrlN1EhJ...
GHSA-JXP8-4JW5-5XJC Drupal Umami Analytics allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS. This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
CVE-2025-10931
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Umami Analytics allows Cross-Site Scripting XSS.This issue affects Umami Analytics: from 0.0.0 before 1.0.1...
EUVD-2006-2978
Malware in sbrugna...
SAMSUNG Memory Card & UFD Authentication Utility PC Software Code Issue Vulnerability
SAMSUNG Memory Card & UFD Authentication Utility PC Software is a memory card and UFD authentication utility program from SAMSUNG Korea. A security vulnerability exists in SAMSUNG Memory Card & UFD Authentication Utility PC Software prior to version 1.0.1, which stems from a DLL hijacking...
CVE-2023-3716
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Online Collection Software allows SQL Injection.This issue affects Online Collection Software: before 1.0.1...
DEBIAN-CVE-2018-25012
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24...
DEBIAN-CVE-2018-25013
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes...
libwebp 缓冲区错误漏洞
Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of libwebp prior to 1.0.1. An attacker can exploit the vulnerability to affect data confidentiality, integrity, and system availability...
libwebp 缓冲区错误漏洞
Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from a heap buffer overflow in the WebPDecodeRGBInto function, caused by an invalid check of the buffer size. An attacker can exploit the...
WordPress cp-polls plugin cross-site scripting vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress cp-polls plugin versions prior to 1.0.1. The vulnerability stems...
GHSA-2MHH-W6Q8-5HXW Remote Memory Disclosure in ws
Versions of ws prior to 1.0.1 are affected by a remote memory disclosure vulnerability. In certain rare circumstances, applications which allow users to control the arguments of a client.ping call will cause ws to send the contents of an allocated but non-zero-filled buffer to the server. This ma...
DEBIAN-CVE-2017-12959
There is a reachable assertion abort in the function dictaddmrset in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack...