778 matches found
DEBIAN-CVE-2020-18652
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
UBUNTU-CVE-2020-18652
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
Buffer overflow
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
exempi 缓冲区错误漏洞
exempi is an open source XMP library from libopenraw. A security vulnerability exists in exempi version 2.5.0 and earlier versions, which stems from a buffer overflow vulnerability in WEBPSupport.cpp...
CVE-2020-18652
CVE-2020-18652 is a buffer overflow vulnerability in exempi’s WEBP_Support.cpp (affected in exempi 2.5.0 and earlier) that allows remote denial of service by opening a crafted webp file. Connected advisories from MiracleLinux, TencentOS, Rocky Linux, Oracle Linux, Red Hat, AlmaLinux, CentOS, etc....
CVE-2020-18652
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
PT-2023-11505 · Exempi +6 · Exempi +6
Name of the Vulnerable Software and Affected Versions: exempi versions 2.5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via the opening of crafted webp files. This is due to a Buffer Overflow vulnerability in the WEBP Support.cpp file. Recommendations:...
CVE-2020-18652
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
CVE-2020-18652
Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...
libwebp security update
CentOS Errata and Security Advisory CESA-2023:2077 An update for libwebp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2023-30200
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” ultimateimagetool in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack...
CVE-2023-30200
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” ultimateimagetool in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack...
CVE-2023-30200
The CVE-2023-30200 entry concerns the PrestaShop Advanced Plugins module, specifically the Image: WebP, Compress, Zoom, Lazy load, Alt & More (ultimateimagetool) up to version 2.1.02. The vulnerability is a path traversal flaw that allows a guest to download personal information without restricti...
CVE-2023-2143
The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...
CVE-2023-2143 Enable SVG, WebP & ICO Upload <= 1.0.3 - Author+ Stored XSS
The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...
CVE-2023-2143
The CVE-2023-2143 entry concerns the WordPress plugin Enable SVG, WebP & ICO Upload (versions up to 1.0.3). Root cause: the plugin does not sanitize SVG contents, enabling Cross-Site Scripting. Impact is Cross-Site Scripting as described in multiple trusted sources. Exploitation details are not p...
CVE-2023-2143 Enable SVG, WebP & ICO Upload <= 1.0.3 - Author+ Stored XSS
The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability...
ROS-2-1481
2.1481 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-555
2.555 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
WordPress Enable SVG, WebP & ICO Upload Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Enable SVG, WebP & ICO Upload Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2143 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c3213d756c76 Credits Mateus Macha...