Lucene search
K

168 matches found

CNNVD
CNNVD
added 2025/02/26 12:0 a.m.6 views

Cisco Nexus 3000 Series Switches和Cisco Nexus 9000 Series Switches 操作系统命令注入漏洞

Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches are both products of Cisco, Inc.Cisco Nexus 3000 Series Switches is a 3000 series switch.Cisco Nexus Cisco Nexus 9000 Series Switches are Cisco products.Cisco Nexus 3000 Series Switches are 3000 series switches. An operating...

5.1CVSS7.2AI score0.00467EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Check BIOS images before they are used. BIOS images may fail to load, and null checks are added before they are used. This fix addresses 6 NULLRETURNS issues reported by Coverity...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References3
CVE
CVE
added 2025/02/03 12:0 a.m.61 views

CVE-2025-25063

Backdrop CMS has an XSS vulnerability (CVE-2025-25063) in versions 1.28.x before 1.28.5 and 1.29.x before 1.29.3 due to insufficient validation of uploaded SVG images. Crafted SVGs could execute scripting when viewed directly via their URL, though sanitization occurs by embedding all uploaded SVG...

4.4CVSS5.7AI score0.00193EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2025/01/22 3:57 p.m.7 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 18.0.4 (openstack-ironic) security update

An update for openstack-ironic is now available for Red Hat OpenStack Platform 18.0.4 Antelope. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

5.3CVSS6.6AI score0.00658EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2024/10/23 6:46 a.m.246 views

USN-7082-1: libheif vulnerability

Gerrard Tai discovered that libheif did not properly validate certain images, leading to out-of-bounds read and write vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or to obtai...

8.1CVSS7.8AI score0.00825EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2024/10/16 7:0 a.m.2 views

drm/amd/display: Check BIOS images before it is used

...

5.5CVSS6.7AI score0.00238EPSS
Exploits0
OSV
OSV
added 2024/10/03 5:15 p.m.4 views

CVE-2024-45872

Bandisoft BandiView 7.05 is vulnerable to Buffer Overflow via sub0x410d1d. The vulnerability occurs due to insufficient validation of PSD files...

6.3CVSS5.8AI score0.00436EPSS
Exploits1References1
NVD
NVD
added 2024/07/22 5:15 a.m.29 views

CVE-2024-41704

LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images...

9.8CVSS0.00666EPSS
Exploits1References3
CVE
CVE
added 2024/07/22 12:0 a.m.60 views

CVE-2024-41704

Technical details about CVE-2024-41704 are not provided in the connected documents; monitor for updates.

9.8CVSS9.6AI score0.00666EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/07/22 12:0 a.m.15 views

CVE-2024-41704

LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images...

9.1CVSS9.6AI score0.00666EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/07/22 12:0 a.m.12 views

CVE-2024-41704

LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images...

9.6AI score0.00666EPSS
Exploits1References3
OSV
OSV
added 2024/07/12 6:15 a.m.4 views

CVE-2024-3112

The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

4.8CVSS5.9AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/07/09 12:14 p.m.4 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00835EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/07/02 5:32 p.m.76 views

CVE-2024-32498

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

8.8CVSS7.8AI score0.00835EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/02 4:47 p.m.33 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00835EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/07/02 4:47 p.m.23 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00835EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/07/02 4:45 p.m.7 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00835EPSS
Exploits0References6
OSV
OSV
added 2024/03/06 11:19 a.m.12 views

BIT-TENSORFLOW-2021-29533 CHECK-fail in DrawBoundingBoxes

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...

5.5CVSS5.5AI score0.00217EPSS
Exploits1References3
OSV
OSV
added 2024/01/24 2:21 p.m.28 views

GHSA-Q68H-XWQ5-MM7X Cross-site Scripting Vulnerability on Avatar Upload

Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.9.2 and was tested on version 1.8.2. Overview Label Studio has a cross-site scripting XSS vulnerability that coul...

7.1CVSS6AI score0.01448EPSS
Exploits1References8
Veracode
Veracode
added 2023/11/03 5:24 a.m.14 views

Server-Side Request Forgery (SSRF)

foodcoopshop/foodcoopshop is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the lack of proper image validation. This flaw permits an attacker to send a request to any host on the local network, which then responds with a 200 status code for a HEAD requests serving a...

8.1CVSS7.1AI score0.00452EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder