5 matches found
PT-2025-1629 · WordPress · Wp-Enable-Svg
Name of the Vulnerable Software and Affected Versions: wp-enable-svg WordPress plugin versions 0.7 and earlier; wp-enable-svg WordPress plugin versions 0.2 and earlier
Description: The issue is related to the wp-enable-svg WordPress plugin, which does not sanitize SVG files when uploaded. This...
PT-2023-29291 · Ritecms · Ritecms
Name of the Vulnerable Software and Affected Versions: RiteCMS version 3.0
Description: A file upload issue allows a local attacker to upload an SVG file containing XSS content.
Recommendations: For RiteCMS version 3.0, consider restricting file uploads to prevent exploitation until a fix is...
PT-2023-11607 · Artifex +1 · Mupdf +1
Name of the Vulnerable Software and Affected Versions: Artifex Software MuPDF version 1.16.0
Description: A Use After Free vulnerability in the svg dev text span as paths defs function in source/fitz/svg-device.c allows remote attackers to cause a denial of service via the opening of a crafted PD...
PT-2021-24221 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0
Description: An invalid memory address dereference issue exists via the svg node start function, causing a segmentation fault and application crash.
Recommendations: For gpac version 1.1.0, consider disabling the svg node...
PT-2008-1733 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 SP1 through 7
Description: A use-after-free issue allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, such as the by property of an animateMotion SVG...