Lucene search
K

11 matches found

EUVD
EUVD
added 2026/04/05 12:30 p.m.6 views

EUVD-2026-19069

A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the component Environment Variable Handler. Executing a manipulation can lead to injection. It is...

6.5CVSS6.3AI score0.00291EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.3 views

WordPress plugin WP Adminify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.4CVSS6.6AI score0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.22 views

CVE-2025-65230

Barix Instreamer v04.06 and v04.05 contains a stored cross-site scripting XSS vulnerability in the Web UI Configuration Streaming Destination input...

0.00168EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/15 12:0 a.m.4 views

Slackware Linux 15.0 / current xpdf Multiple Vulnerabilities (SSA:2025-319-01)

The version of xpdf installed on the remote host is prior to 4.06. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-319-01 advisory. New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

8.2CVSS4.9AI score0.00391EPSS
Exploits2References14
Snyk
Snyk
added 2024/10/22 6:32 p.m.1 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the redirect parameter in Commerce Catalogs. An attacker can perform administrative actions, execute arbitrary code, and alter user settings by convincing a user to follow a malicious link. Remediatio...

8.8CVSS7.4AI score0.00342EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.4 views

SUSE CVE-2016-3633

The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors related to the src variable...

7.5CVSS6.8AI score0.01609EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9534

tifwrite.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1 that didn't reset the tifrawcc and tifrawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."...

9.8CVSS7.3AI score0.03553EPSS
Exploits1References4
OSV
OSV
added 2022/07/05 12:0 a.m.3 views

GHSA-P64X-8RXX-WF6Q Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection

An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookupname value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected...

9.8CVSS6.9AI score0.73274EPSS
Exploits3References15
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.7 views

PT-2019-7663 · WordPress · All-In-One-Wp-Security-And-Firewall

Name of the Vulnerable Software and Affected Versions: all-in-one-wp-security-and-firewall plugin versions prior to 4.0.6 Description: The issue concerns a cross-site scripting XSS problem in the settings pages of the plugin. Recommendations: For versions prior to 4.0.6, update to version 4.0.6 o...

6.1CVSS5.9AI score0.00924EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/08/02 4:59 p.m.16 views

libtiff: out-of-bounds write in the tiff2rgba tool

Multiple integer overflows in the 1 cvtbystrip and 2 cvtbytile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service crash or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write...

7.8CVSS7.8AI score0.03377EPSS
Exploits0References4
CNVD
CNVD
added 2016/04/12 12:0 a.m.3 views

Silicon Graphics LibTiff rgb2ycbcr Tool Denial of Service Vulnerability

Silicon Graphics LibTiff is a library for reading and writing TIFF Tagged Image File Format files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A denial of service vulnerability exists in the 'cvtClump' function in the rgb2ycb...

7.5CVSS7.5AI score0.04055EPSS
Exploits1References1
Rows per page
Query Builder