Drupal AI (Artificial Intelligence) module < 1.0.5 - Authenticated Remote Code Execution (RCE) vulnerability

Authenticated Remote Code Execution RCE vulnerability discovered by Drew Webber mcdruid in WordPress Module AI Artificial Intelligence versions 1.0.5...

PT-2024-33130 · Unknown · Php-Heic-To-Jpg

Name of the Vulnerable Software and Affected Versions: php-heic-to-jpg versions 1.0.5 and below Description: The issue allows an attacker who can upload heic images to execute code on the remote server via the file name, resulting in a loss of confidentiality, integrity, and availability...

FreeXL heap buffer out-of-bounds read vulnerability (CNVD-2018-05154)

FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'parseSST' function in versions of FreeXL prior to 1.0.5. An attacker can exploit this...