WordPress plugin Email Encoder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

WordPress Email Encoder Bundle Plugin < 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Email Encoder Bundle Type Plugin Vulnerable versions 2.2.2 Fixed in 2.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4483 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5d3ad3645d3e Credits Krugov Artyom Require...

PT-2024-31271 · WordPress · Email Encoder

Name of the Vulnerable Software and Affected Versions: The Email Encoder WordPress plugin versions prior to 2.2.2 Description: The issue is related to a Stored Cross-Site Scripting problem. It occurs because the WP Email Encoder Bundle optionsprotection text parameter is not properly escaped befo...

PT-2024-35517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue in the Linux kernel has been resolved. The problem occurred in the drm/i915/hdcp component, specifically in the intel hdcp get capability function. This...

PT-2024-35516

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer error issue has been resolved in the Linux kernel. The problem was addressed by adding an encoder check in hdcp2 get capability and intel hdcp2 get capability to prevent t...

A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.

...

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted xy offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

...

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.

...

PT-2024-6320 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...

PT-2024-6321 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations su...

PT-2024-6318 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

PT-2024-6319 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 24.5, 23.6.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Media Encoder. This vulnerability could allow an attacker to execute code in the context of the current us...

PT-2024-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A buffer overflow error has been resolved in the Linux kernel, specifically in the dcn401 stream encoder create function. The issue arises from an out-of-bounds access on the stream en...

[SECURITY] Fedora 40 Update: jpegxl-0.8.3-1.fc40

This package contains a reference implementation of JPEG XL encoder and decoder...

OESA-2024-1806 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

OESA-2024-1807 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

OESA-2024-1808 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

SUSE CVE-2024-32228

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevcframeend...

SUSE CVE-2024-32230

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

Kiloview P1 and P2 Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 and P2 that stems from the use of hard-coded credentials...