767 matches found
ALPINE-CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
PT-2019-13134 · Exiv2 +6 · Exiv2 +6
Name of the Vulnerable Software and Affected Versions: Exiv2 versions 0.27.1 and earlier Description: The issue is related to an integer overflow in the WebPImage::decodeChunks function, which can be triggered by a crafted WEBP image file. This can cause a denial of service due to a large heap...
openSUSE: Security Advisory for exempi (openSUSE-SU-2019:1649-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : exempi (openSUSE-2019-1657)
This update for exempi fixes the following issues : - CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks i...
openSUSE Security Update : exempi (openSUSE-2019-1649)
This update for exempi fixes the following issues : - CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
OPENSUSE-SU-2019:1657-1 Security update for exempi
This update for exempi fixes the following issues: - CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946. This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2019:1649-1 Security update for exempi
This update for exempi fixes the following issues: - CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946. This update was imported from the SUSE:SLE-15:Update update project...
WordPress WebP Converter for Media plugin <= 1.0.2 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found WordPress WebP Converter for Media plugin versions = 1.0.2. Solution Update the WordPress WebP Converter for Media plugin to the latest available version at least 1.0.3...
WebP Converter for Media <= 1.0.2 - Cross-Site Request Forgery (CSRF)
The WebP Converter for Media WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...
Security update for exempi (moderate)
openSUSE Security Update: Security update for exempi Announcement ID: openSUSE-SU-2019:1649-1 Rating: moderate References: 1098946 Cross-References: CVE-2018-12648 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for exempi...
WordPress WebP Express plugin <= 0.14.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability found by M0ns7er in WordPress WebP Express plugin versions = 0.14.4. Solution Update the WordPress WebP Express plugin to the latest available version at least 0.14.8...
WebP Express <= 0.14.4 - Authenticated Stored XSS
Edit - WPScanTeam: The reported issue has been fixed in 0.14.5. Other sanitisation checks have been implemented in newest versions such as 0.14.6 and 0.14.8 while the plugin was closed, so the fixed in is set to 0.14.8 PoC Video POC :...
WebP Express <= 0.14.4 - Authenticated Stored XSS
Edit - WPScanTeam: The reported issue has been fixed in 0.14.5. Other sanitisation checks have been implemented in newest versions such as 0.14.6 and 0.14.8 while the plugin was closed, so the fixed in is set to 0.14.8 Video POC :...
SUSE SLED15 / SLES15 Security Update : exempi (SUSE-SU-2019:1603-1)
This update for exempi fixes the following issues : CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted ...
SUSE-SU-2019:1603-1 Security update for exempi
This update for exempi fixes the following issues: - CVE-2018-12648: Fixed a NULL pointer dereference crash issue when processing webp files bsc1098946...