165 matches found
CVE-2025-7828
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
Linux Distros Unpatched Vulnerability : CVE-2019-14289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the multiple bytes per line cas...
Linux Distros Unpatched Vulnerability : CVE-2019-14288
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the one byte per line case...
CVE-2025-7828 WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion
The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the postlistingpage function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-7828
CVE-2025-7828 affects the WordPress plugin WP Filter & Combine RSS Feeds (versions up to 0.4). Root cause: missing capability check in post_listing_page(), allowing authenticated attackers with Contributor-level access and above to delete feeds (unauthorized modification of data). Public details ...
WordPress plugin WP Filter & Combine RSS Feeds Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-34510 · WordPress · Wp Filter & Combine Rss Feeds
Name of the Vulnerable Software and Affected Versions: WP Filter & Combine RSS Feeds plugin for WordPress versions up to and including 0.4 Description: The WP Filter & Combine RSS Feeds plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check...
The vulnerability in the JBIG2Bitmap::combine() function of the Poppler PDF file rendering library allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the JBIG2Bitmap::combine function in the Poppler PDF rendering library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method Path.Combine from .NET without proper sanitisation. This yields the possibility of including local files, as...
CVE-2023-37769
stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combineinner at /pixman-combine-float.c...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
OESA-2025-1390 poppler security update
is a PDF rendering library. Security Fixes: A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INTMIN.CVE-2025-32364 Poppler before 25.04.0 allows crafted input files to trigger...
Security update for poppler
This update for poppler fixes the following issues: CVE-2025-32364: Fixed a floating point exception. bsc1240880 CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. bsc1240881 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...
UBUNTU-CVE-2025-32365
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to a misplaced isOk check in the JBIG2Bitmap::combine function. Remediation Upgrade poppler to version 25.11.0 or higher. References - Gitlab Commit - Gitlab Issues - Gitlab PR - Red Hat Bugzilla Bug...
CVE-2025-32365
Affected software: Poppler (PDF rendering library). Vulnerability: CVE-2025-32365 allows an out-of-bounds read in JBIG2Bitmap::combine within JBIG2Stream.cc due to a misplaced isOk check. Impact (per sources): high confidentiality impact and high availability impact; attack vector LOCAL, user int...
PHP Parser 安全漏洞
PHP Parser is a PHP parser written in PHP by Nikita Popov, a personal developer. A security vulnerability exists in PHP Parser version v3.2.1, which stems from the lib.combine function containing a prototype contamination vulnerability...
Malicious code in combine_assets_store (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aa4e8f55b1bba97340610f1c4d32d8d9f895f7a296684818056f2e994d2e7a69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MGASA-2025-0022 Updated poppler packages fix security vulnerability
libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...
Updated poppler packages fix security vulnerability
libpoppler.so has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378...