Lucene search
K

50350 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An integer overflow vulnerability exists in the ImageChannel::resize function, which can be triggered when processing a specially crafted OpenEXR image file through the OpenEXRUtil public API. This can...

8.8CVSS6.2AI score0.00355EPSS
Exploits1References7
NVD
NVD
added yesterday5 views

CVE-2026-61970

Server-Side Request Forgery SSRF vulnerability in Themeisle Auto Featured Image Auto Post Thumbnail auto-post-thumbnail allows Server Side Request Forgery.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through = 5.0.4...

4.9CVSS0.00188EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57413

Server-Side Request Forgery SSRF vulnerability in bdthemes Instant Image Generator ai-image allows Server Side Request Forgery.This issue affects Instant Image Generator: from n/a through = 2.1.4...

6.4CVSS0.0023EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday3 views

OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An integer overflow vulnerability exists in the ImageChannel::resize function, which can be triggered when processing a specially crafted OpenEXR image file through the OpenEXRUtil public API. This can...

8.8CVSS6.2AI score0.00355EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added yesterday5 views

Important: Red Hat Security Advisory: gegl04 security update

An update for gegl04 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS7.3AI score0.00552EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added yesterday5 views

podman: Podman: Information disclosure via malicious container image environment variables

A flaw was found in Podman, a tool for managing OCI containers and pods. A malicious container image can be crafted with an environment variable that has a key but no value, or an asterisk , to trick Podman. This vulnerability causes Podman to pass host environment variables into the container...

7.5CVSS6AI score0.0026EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday7 views

CVE-2026-61970 WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 5.0.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Themeisle Auto Featured Image Auto Post Thumbnail auto-post-thumbnail allows Server Side Request Forgery.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through = 5.0.4...

4.9CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-61970

The CVE-2026-61970 entry concerns a Server-Side Request Forgery (SSRF) in the Themeisle Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Affected versions are &lt;= 5.0.4 (reported as from n/a through

4.9CVSS6.1AI score0.00188EPSS
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-57413

CVE-2026-57413 describes a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin “Instant Image Generator” (ai-image). The connected documents indicate the issue affects Instant Image Generator versions from n/a up to 2.1.4. The available details specify the vulnerability type ...

6.4CVSS6.1AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-57413 WordPress Instant Image Generator plugin <= 2.1.4 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in bdthemes Instant Image Generator ai-image allows Server Side Request Forgery.This issue affects Instant Image Generator: from n/a through = 2.1.4...

6.4CVSS0.0023EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Graphics: ImageLib component...

6.5CVSS6AI score0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Graphics: ImageLib component...

6.5CVSS6AI score0.00227EPSS
Exploits0References6
NVD
NVD
added yesterday4 views

CVE-2026-15539

A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. T...

5.8CVSS0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

gimp: gimp: Heap buffer overflow in read_channel_data()

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday8 views

CVE-2026-15539 SourceCodester Online Book Store System Book Image Upload Feature index.php books unrestricted upload

A security vulnerability has been detected in SourceCodester Online Book Store System 1.0. Impacted is an unknown function of the file /admin/index.php?page=books of the component Book Image Upload Feature. Such manipulation leads to unrestricted upload. The attack may be performed from remote. T...

5.8CVSS0.00227EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An integer overflow vulnerability exists in the ImageChannel::resize function, which can be triggered when processing a specially crafted OpenEXR image file through the OpenEXRUtil public API. This can...

8.8CVSS6.2AI score0.00355EPSS
Exploits1References7
Nuclei
Nuclei
added yesterday80 views

WordPress Customize Login Image <3.5.3 - Cross-Site Scripting

WordPress Customize Login Image plugin prior to 3.5.3 contains a cross-site scripting vulnerability via the custom logo link on the Settings page. This can allow an attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2021-33851 info: name: WordPress Customi...

5.4CVSS6.2AI score0.01318EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday37 views

WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting

WordPress defa-online-image-protector 3.3 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.6AI score0.03236EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday28 views

LolLMS < 2.2.0 - Server-Side Request Forgery

A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0. The /api/files/export-content endpoint processes Markdown image URLs by downloading them via downloadimagetotemp in backend/routers/files.py without any validation, allowing an unauthenticated...

7.5CVSS7.2AI score0.01765EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday80 views

Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion

Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via comimagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. dot dot in the folder parameter to index.php. id: CVE-2008-4668 info: name: Joomla! Image Browser 0.1.5 rc2 - Local...

9CVSS6.3AI score0.21476EPSS
Exploits1References5
Rows per page
Query Builder