Lucene search
K

511 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-11380

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...

6.4CVSS0.00156EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-11380

The CVE-2026-11380 entry concerns the WordPress plugin JetWidgets For Elementor. Affected: JetWidgets For Elementor (WordPress) versions up to and including 1.0.21. Vulnerability: Stored Cross-Site Scripting due to insufficient output escaping and missing server-side validation of the Animated Bo...

6.4CVSS5.9AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-40909

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...

6.4CVSS5.9AI score0.00156EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-11380 JetWidgets For Elementor <= 1.0.21 - Authenticated (Author+) Stored Cross-Site Scripting via Animated Box 'animation_effect' Setting

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.21. This is due to insufficient output escaping and missing server-side validation of the Animated Box widget's animationeffect setting before it is rendered inside a...

6.4CVSS0.00156EPSS
Exploits0References2
HackRead
HackRead
added 2026/06/10 6:18 p.m.17 views

How to Turn Images into Animated Videos with AI: A Wondershare Filmora Guide

This article was created in collaboration with Wondershare...

5.5AI score
Exploits0
CVE
CVE
added 2026/06/09 12:0 a.m.14 views

CVE-2026-30141

The CVE-2026-30141 entry concerns bitbank2 AnimatedGIF v2.2.0, where a vulnerability in DecodeLZW constitutes a buffer overflow. This allows remote attackers to cause a crash (DoS) or potentially execute arbitrary code via a crafted GIF file. The available documents specify the affected product a...

9.8CVSS6.3AI score0.00573EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/04 4:22 p.m.7 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict in the pngpushreadchunk function in the push-mode APNG parser. An attacker can inject chunked data with a malicious PNG file containing attacker-controlled bytes in an ignored ancillary chunk, which are then...

5.4CVSS5.5AI score0.00202EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 2:34 p.m.33 views

CVE-2026-40930 LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body

LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

5.4CVSS0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

libpng 安全漏洞

libpng is an open-source PNG reference library developed by The PNG Development Group. It allows for the creation, reading, and writing of PNG graphic files. Version 1.8.0 of LIBPNG contains a security vulnerability. This vulnerability stems from the inter-frame block discard path in the...

5.4CVSS5.3AI score0.00202EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/12 11:49 p.m.10 views

gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a specially crafted ANI Animated Cursor file or visiting a malicious web page. This issue stems from an integer overflow during the parsing of ANI files, caused by insufficient validation of...

7.8CVSS7.6AI score0.00664EPSS
Exploits0References6
OSV
OSV
added 2026/04/17 1:2 p.m.9 views

OESA-2026-1956 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS6.2AI score0.00755EPSS
Exploits0References5
OSV
OSV
added 2026/04/17 1:2 p.m.7 views

OESA-2026-1955 gimp security update

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...

7.8CVSS7.5AI score0.00755EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.3 views

CVE-2026-33018

A flaw was found in libsixel, a SIXEL encoder/decoder implementation. This Use-After-Free vulnerability occurs when processing specially crafted animated Graphics Interchange Format GIF files. A remote attacker could exploit this by providing a malicious multi-frame GIF, causing the application t...

7CVSS6AI score0.00191EPSS
Exploits1References5
Snyk
Snyk
added 2026/04/14 11:32 p.m.6 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.3CVSS5.8AI score0.00273EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 11:32 p.m.6 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00273EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 10:16 p.m.7 views

DEBIAN-CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.5AI score0.00191EPSS
Exploits1References1
OSV
OSV
added 2026/04/14 10:16 p.m.1 views

UBUNTU-CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.8AI score0.00191EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/14 9:45 p.m.5 views

EUVD-2026-22740

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.8AI score0.00191EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/04/14 9:45 p.m.5 views

CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.5AI score0.00191EPSS
Exploits1
Cvelist
Cvelist
added 2026/04/14 9:45 p.m.20 views

CVE-2026-33018 libsixel: Use-After-Free in load_gif()

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS0.00191EPSS
Exploits1References2
Rows per page
Query Builder