Lucene search
+L

165 matches found

RedhatCVE
RedhatCVE
added 2025/08/25 5:32 a.m.6 views

CVE-2025-7828

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS6.8AI score0.00188EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-14289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the multiple bytes per line cas...

5.5CVSS6.5AI score0.00957EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-14288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the one byte per line case...

7.8CVSS7AI score0.01037EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/08/23 4:25 a.m.10 views

CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion

The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...

4.3CVSS0.00188EPSS
Exploits0References2
CVE
CVE
added 2025/08/23 4:25 a.m.20 views

CVE-2025-7828

CVE-2025-7828 affects the WordPress plugin WP Filter & Combine RSS Feeds (versions up to 0.4). Root cause: missing capability check in post_listing_page(), allowing authenticated attackers with Contributor-level access and above to delete feeds (unauthorized modification of data). Public details ...

4.3CVSS6.4AI score0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/23 12:0 a.m.7 views

WordPress plugin WP Filter & Combine RSS Feeds Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS5.8AI score0.00188EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/23 12:0 a.m.6 views

PT-2025-34510 · WordPress · Wp Filter & Combine Rss Feeds

Name of the Vulnerable Software and Affected Versions: WP Filter & Combine RSS Feeds plugin for WordPress versions up to and including 0.4 Description: The WP Filter & Combine RSS Feeds plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check...

4.3CVSS6.3AI score0.00188EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.11 views

The vulnerability in the JBIG2Bitmap::combine() function of the Poppler PDF file rendering library allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the JBIG2Bitmap::combine function in the Poppler PDF rendering library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

4.3CVSS6.7AI score0.00632EPSS
Exploits1References14Affected Software8
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.7 views

CVE-2023-22855

Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...

9.8CVSS7.9AI score0.14832EPSS
Exploits8References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:12 a.m.9 views

CVE-2023-37769

stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combineinner at /pixman-combine-float.c...

6.5CVSS7.2AI score0.00505EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/04/17 11:2 a.m.6 views

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

5.1CVSS7.3AI score0.00234EPSS
Exploits2References8
OSV
OSV
added 2025/04/11 1:42 p.m.6 views

OESA-2025-1390 poppler security update

is a PDF rendering library. Security Fixes: A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN.CVE-2025-32364 Poppler before 25.04.0 allows crafted input files to trigger...

7.1CVSS6.9AI score0.00234EPSS
Exploits2References3
SUSE Linux
SUSE Linux
added 2025/04/08 1:36 p.m.2 views

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

5.1CVSS7AI score0.00234EPSS
Exploits2References8
OSV
OSV
added 2025/04/07 12:0 a.m.11 views

UBUNTU-CVE-2025-32365

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...

7.1CVSS7.3AI score0.00234EPSS
Exploits1References3
Snyk
Snyk
added 2025/04/05 12:0 a.m.1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a misplaced isOk check in the JBIG2Bitmap::combine function. Remediation Upgrade poppler to version 25.11.0 or higher. References - Gitlab Commit - Gitlab Issues - Gitlab PR - Red Hat Bugzilla Bug...

7.1CVSS6.1AI score0.00234EPSS
Exploits1References2
CVE
CVE
added 2025/04/05 12:0 a.m.273 views

CVE-2025-32365

Affected software: Poppler (PDF rendering library). Vulnerability: CVE-2025-32365 allows an out-of-bounds read in JBIG2Bitmap::combine within JBIG2Stream.cc due to a misplaced isOk check. Impact (per sources): high confidentiality impact and high availability impact; attack vector LOCAL, user int...

7.1CVSS4.3AI score0.00234EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/02/05 12:0 a.m.5 views

PHP Parser 安全漏洞

PHP Parser is a PHP parser written in PHP by Nikita Popov, a personal developer. A security vulnerability exists in PHP Parser version v3.2.1, which stems from the lib.combine function containing a prototype contamination vulnerability...

7.5CVSS6.9AI score0.00427EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 8:45 a.m.4 views

Malicious code in combine_assets_store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aa4e8f55b1bba97340610f1c4d32d8d9f895f7a296684818056f2e994d2e7a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/01/24 7:46 p.m.6 views

MGASA-2025-0022 Updated poppler packages fix security vulnerability

libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...

4.3CVSS4.4AI score0.00632EPSS
Exploits1References3
Mageia
Mageia
added 2025/01/24 7:46 p.m.16 views

Updated poppler packages fix security vulnerability

libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...

4.3CVSS6.8AI score0.00632EPSS
Exploits1References2
Rows per page
Query Builder