CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

767 matches found

Patchstack•added 2019/06/16 12:0 a.m.•7 views

WordPress WebP Express plugin <= 0.14.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found in WordPress WebP Express plugin versions = 0.14.0. Solution Update the WordPress WebP Express plugin to the latest available version at least 0.14.1...

3.2AI score

Exploits0References1Affected Software1

WPVulnDB•added 2019/06/16 12:0 a.m.•24 views

WebP Express <= 0.14.10 - Multiple Issues

- Arbitrary File Viewing - CRSF - XSS including https://wpvulndb.com/vulnerabilities/9389 - Unauthorised Access...

5CVSS2AI score0.01779EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2019/05/23 6:29 p.m.•20 views

CVE-2016-9969

In libwebp 0.5.1, there is a double free bug in libwebpmux...

7.5CVSS7.1AI score0.01177EPSS

Exploits1References1

PyPA•added 2019/05/23 6:29 p.m.•5 views

PYSEC-2019-256

In libwebp 0.5.1, there is a double free bug in libwebpmux...

7.5CVSS6.9AI score0.01177EPSS

Exploits1References3Affected Software1

Tenable Nessus•added 2019/05/16 12:0 a.m.•25 views

Fedora 30 : php-pecl-imagick (2019-488d0f9a4b)

Version 3.4.4 - The 3.4.4 release is intended to be the last release other than small bug fixes that will support either PHP 5.x, or ImageMagick 6.x. The next planned release will be PHP 7.0 and ImageMagick 7.0 at least, if not higher. - Added: - function Imagick::optimizeImageTransparency -...

9.8CVSS7AI score0.01972EPSS

Exploits0References2

vulnersOsv•added 2019/02/18 11:57 p.m.•1 views

grunt-dwebp (>=0.1.0 <=1.1.2), gulp-dwebp (>=0.1.0 <=1.0.2) +1 more potentially affected by CVE-2016-10633 via dwebp-bin (>=0.1.6 <=1.0.0)

dwebp-bin NPM version =0.1.6, =0.1.0, =0.1.0, =0.2.8, =0.2.9 Source cves: CVE-2016-10633 Source advisory: OSV:GHSA-4PF7-579W-F4GM...

9.3CVSS7.2AI score0.01752EPSS

Exploits0

Positive Technologies•added 2018/11/22 12:0 a.m.•2 views

PT-2018-3680 · Google +9 · Libwebp +9

Name of the Vulnerable Software and Affected Versions: libwebp versions prior to 1.0.1 Description: A heap-based buffer overflow was found in the ApplyFilter function, which can be exploited by creating a specially crafted file, allowing a remote attacker to access confidential information. This...

9.8CVSS8.1AI score0.02558EPSS

Exploits0References136

Positive Technologies•added 2018/11/22 12:0 a.m.•3 views

PT-2020-6124 · Google +9 · Libwebp +9

Name of the Vulnerable Software and Affected Versions: libwebp versions prior to 1.0.1 Description: A flaw was found in libwebp, related to an out-of-bounds read in the ChunkAssignData function. This issue poses a threat to data confidentiality and service availability. Exploitation of this flaw...

9.8CVSS7.8AI score0.02558EPSS

Exploits0References142

Mageia•added 2018/10/26 6:47 p.m.•36 views

Updated exempi packages fix security vulnerability

It was found that the WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBPSupport.hpp in Exempi 2.4.5 has a NULL pointer dereference CVE-2018-12648...

7.5CVSS2AI score0.02271EPSS

Exploits1References2

PyPA•added 2018/07/13 3:29 p.m.•4 views

PYSEC-2018-133

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

8.8CVSS7.2AI score0.01688EPSS

Exploits1References3Affected Software1

UbuntuCve•added 2018/06/22 1:29 p.m.•20 views

CVE-2018-12648

The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBPSupport.hpp in Exempi 2.4.5 has a NULL pointer dereference...

7.5CVSS6.7AI score0.02271EPSS

Exploits1References2