EUVD-2023-60241

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2023-53979

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2023-53979

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2023-53979

Summary of the vulnerability (CVE-2023-53979) : MyBB 1.8.32 contains a chained vulnerability that authenticated administrators can exploit to bypass avatar upload restrictions and achieve remote code execution. The attack leverages the ability to modify upload path settings, upload a PHP-embedded...

CVE-2023-53979 MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2023-53979 MyBB 1.8.32 Authenticated Remote Code Execution via Chained Vulnerabilities

MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...

CVE-2024-52515 Nextcloud Server has incomplete sanitization of SVG files allows to embed other images into previews

Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If the file would exist the preview of the SVG would preview the other file instead. It is recommended...

SUSE CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

UBUNTU-CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

ChatGPT Cross Site Scripting

Exploit Title: ChatGPT OpenAI - Cross-Site Scripting XSS Vulnerability. Date: 25/03/2023 Vendor Homepage: https://openai.com/ Exploit Author: Miguel Segovia Software Link: https://chat.openai.com/chat CVE : Requested N/A Description: A reflected Cross-Site Scripting XSS vulnerability has been...

SUSE CVE-2010-1507

WebYaST in yast2-webclient in SUSE Linux Enterprise SLE 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key...

SUSE CVE-2012-1149

Integer overflow in the vclmi.dll module in OpenOffice.org OOo 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JP...

Adobe Acrobat XPS JPEG Out of Bounds Read (CVE-2018-4889)

An out of bounds read vulnerability has been reported in XPS component of Adobe Acrobat. The vulnerability is due to improper parsing of an embedded JPEG image in an XPS document. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

Server side request forgery (ssrf)

Server-side request forgery SSRF vulnerability in the documentconverter component in Open-Xchange OX AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary images via a URL in an embedded image in a Text...

CVE-2013-6801

Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service CPU consumption via a malformed .doc file containing an embedded image, as demonstrated by word2003forkbomb.doc, related to a "fork bomb" issue...

CVE-2013-6801

Microsoft Word 2003 SP2/SP3 on Windows XP SP3 is affected by CVE-2013-6801, enabling a denial-of-service due to a malformed .doc containing an embedded image. The issue, demonstrated with the word2003forkbomb.doc, causes CPU consumption when processing the crafted document. Details consistently r...

Adobe Reader X 10.1.4.38 - .BMP.RLE Heap Corruption

Adobe Reader X 10.1.4.38 - .BMP.RLE Heap Corruption ''' Title: Adobe Reader X BMP/RLE heap corruption Product: Adobe Reader X Version: 10.x Product Homepage: adobe.com Binary affected: AcroForm.api Binary Version: 10.1.4.38 Binary MD5: 8e0fc0c6f206b84e265cc3076c4b9841 Configuration Requirements...

Adobe Reader X 10.1.4.38 - BMP/RLE Heap Corruption Vulnerability

Exploit for windows platform in category local exploits ''' Title: Adobe Reader X BMP/RLE heap corruption Product: Adobe Reader X Version: 10.x Product Homepage: adobe.com Binary affected: AcroForm.api Binary Version: 10.1.4.38 Binary MD5: 8e0fc0c6f206b84e265cc3076c4b9841 Configuration Requiremen...

LibreOffice Graphic Object Loading Buffer Overflow Vulnerability (Mac OS X)

This host is installed with LibreOffice and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gblibreofficegraphicobjectbofvulnmacosx.nasl 5977 2017-04-19 09:02:22Z teissa $ LibreOffice Graphic Object Loading Buffer Overflow Vulnerability Mac OS X Authors: Rachana Shetty...

LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows

LibreOffice is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...