Lucene search
K

778 matches found

OSV
OSV
added 2023/08/22 7:15 p.m.0 views

DEBIAN-CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5CVSS6.7AI score0.00797EPSS
Exploits1References1
OSV
OSV
added 2023/08/22 7:15 p.m.5 views

UBUNTU-CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5CVSS7.1AI score0.00797EPSS
Exploits1References2
Prion
Prion
added 2023/08/22 7:15 p.m.18 views

Buffer overflow

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

4.3CVSS6.3AI score0.00797EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.3 views

exempi 缓冲区错误漏洞

exempi is an open source XMP library from libopenraw. A security vulnerability exists in exempi version 2.5.0 and earlier versions, which stems from a buffer overflow vulnerability in WEBPSupport.cpp...

6.5CVSS7AI score0.00797EPSS
Exploits1References5
CVE
CVE
added 2023/08/22 12:0 a.m.128 views

CVE-2020-18652

CVE-2020-18652 is a buffer overflow vulnerability in exempi’s WEBP_Support.cpp (affected in exempi 2.5.0 and earlier) that allows remote denial of service by opening a crafted webp file. Connected advisories from MiracleLinux, TencentOS, Rocky Linux, Oracle Linux, Red Hat, AlmaLinux, CentOS, etc....

6.5CVSS6.2AI score0.00797EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/22 12:0 a.m.11 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.7AI score0.00797EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/22 12:0 a.m.5 views

PT-2023-11505 · Exempi +6 · Exempi +6

Name of the Vulnerable Software and Affected Versions: exempi versions 2.5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via the opening of crafted webp files. This is due to a Buffer Overflow vulnerability in the WEBP Support.cpp file. Recommendations:...

9.3CVSS5.9AI score0.05409EPSS
Exploits2References85
Debian CVE
Debian CVE
added 2023/08/22 12:0 a.m.26 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5CVSS6.8AI score0.00797EPSS
Exploits1
Cvelist
Cvelist
added 2023/08/22 12:0 a.m.24 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.3AI score0.00797EPSS
Exploits1References3
Cent OS
Cent OS
added 2023/07/27 2:42 p.m.957 views

libwebp security update

CentOS Errata and Security Advisory CESA-2023:2077 An update for libwebp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS6.8AI score0.00952EPSS
Exploits0References7
NVD
NVD
added 2023/07/20 8:15 p.m.21 views

CVE-2023-30200

In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” ultimateimagetool in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack...

7.5CVSS7.5AI score0.00558EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/07/20 8:15 p.m.2 views

CVE-2023-30200

In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” ultimateimagetool in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack...

7.5CVSS7AI score0.00558EPSS
Exploits0References3
CVE
CVE
added 2023/07/20 12:0 a.m.57 views

CVE-2023-30200

The CVE-2023-30200 entry concerns the PrestaShop Advanced Plugins module, specifically the Image: WebP, Compress, Zoom, Lazy load, Alt & More (ultimateimagetool) up to version 2.1.02. The vulnerability is a path traversal flaw that allows a guest to download personal information without restricti...

7.5CVSS7.4AI score0.00558EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/07/17 2:15 p.m.24 views

CVE-2023-2143

The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...

5.4CVSS0.0032EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/17 1:29 p.m.16 views

CVE-2023-2143 Enable SVG, WebP & ICO Upload <= 1.0.3 - Author+ Stored XSS

The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...

6.2AI score0.0032EPSS
Exploits1References1
CVE
CVE
added 2023/07/17 1:29 p.m.54 views

CVE-2023-2143

The CVE-2023-2143 entry concerns the WordPress plugin Enable SVG, WebP & ICO Upload (versions up to 1.0.3). Root cause: the plugin does not sanitize SVG contents, enabling Cross-Site Scripting. Impact is Cross-Site Scripting as described in multiple trusted sources. Exploitation details are not p...

5.4CVSS5.5AI score0.0032EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/07/17 1:29 p.m.25 views

CVE-2023-2143 Enable SVG, WebP & ICO Upload <= 1.0.3 - Author+ Stored XSS

The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...

5.6AI score0.0032EPSS
Exploits1References1
Redos
Redos
added 2023/07/06 12:0 a.m.12 views

ROS-2-1481

2.1481 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.44 views

ROS-2-555

2.555 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8CVSS8.7AI score0.02662EPSS
Exploits0
Patchstack
Patchstack
added 2023/06/27 12:0 a.m.12 views

WordPress Enable SVG, WebP & ICO Upload Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Enable SVG, WebP & ICO Upload Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2143 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3213d756c76 Credits Mateus Macha...

5.4CVSS5.7AI score0.0032EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder