CVE-2024-49228
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS. This issue affects bVerse Convert: from n/a through 1.3.7.1...
CVE-2024-49228
CVE-2024-49228 describes a Stored XSS vulnerability in WordPress plugin bVerse Convert (versions
CVE-2024-49228 WordPress bVerse Convert plugin <= 1.3.7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Edwin Rivera bVerse Convert bverse-convert allows Stored XSS. This issue affects bVerse Convert: from n/a through <= 1.3.7.1...
WordPress plugin bVerse Convert security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-33364 · Unknown · Bverse Convert
Name of the Vulnerable Software and Affected Versions: bVerse Convert versions 1.3.7.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...
WordPress bVerse Convert plugin <= 1.3.7.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin bVerse Convert versions <= 1.3.7.1...
WordPress bVerse Convert Plugin <= 1.3.7.1 is vulnerable to Cross Site Scripting (XSS)
Software: bVerse Convert; Type: Plugin; Vulnerable versions: <= 1.3.7.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-49228; Patch priority: Low; CVSS severity: Low (6.5); PSID: d79019a98035; Credits: SOPROBRO; Required privilege: Contributor...
CVE-2024-43829
...
How to convert MCS provisioned VM’s identity disks to streaming optimized disks.
Description: Support for VMware vSAN8 was incorporated into all current releases of Citrix Virtual Apps and Desktops as detailed in this blog. With this support, Machine Creation Services (MCS) creates VMDK files with a stream-optimized format for all VMs. As the blog mentioned, there might be...
RHSA-2024:3049 Red Hat Security Advisory: perl-Convert-ASN1 security update
Bulletin has no description...
OSV-2024-1043 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_latin1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71307 Crash type: Heap-buffer-overflow WRITE Crash state: simdutf::haswell::implementation::convert_utf8_to_latin1 Conversion Conversion...
OSV-2024-1034 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_utf16be
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71218 Crash type: Heap-buffer-overflow WRITE Crash state: simdutf::haswell::implementation::convert_utf8_to_utf16be Conversion Conversion...
AZL-47531 CVE-2024-41089 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes. In nv17_tv_get_hd_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of...
PT-2024-18941
Name of the Vulnerable Software and Affected Versions github.com/gotenberg/gotenberg/v8/pkg/gotenberg versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/chromium versions prior to 8.1.0 github.com/gotenberg/gotenberg/v8/pkg/modules/webhook versions prior to 8.1.0 Description Th...
OSV-2024-637 Heap-buffer-overflow in ih264d_format_convert
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69682 Crash type: Heap-buffer-overflow WRITE Crash state: ih264d_format_convert isvcd_video_decode isvcd_api_function...
PT-2024-40810 · Git +1 · Libavc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue is reported, which can cause a crash. The crash occurs in the ih264d format convert and ih264d decode picture thread...
CLSA-2024-1720094351 glibc: Fix of 2 CVEs
Fix a memory leak in convert_hostent_to_gaih_addrtuple function with AI_ALL - CVE-2023-4806: fix memory access issue in getaddrinfo function by implementing nssgethostbyname3r hook - CVE-2023-4813: fix memory leakage in gaih_inet function to prevent application crash when getaddrinfo function is called...
The vulnerability of the im_convert_path/im_identify_path function in the RoundCube Webmail client allows a hacker to exploit their privileges.
The vulnerability of the im_convert_path/im_identify_path function in the RoundCube Webmail email client is related to the lack of measures taken at the administrative level to clean up data. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...
CVE-2024-5979
In h2oai/h2o-3 version 3.46.0, the run_tool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of service...