CVE-2025-43203

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...

CVE-2025-43203

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...

CVE-2025-55944

CVE-2025-55944 concerns Slink v1.4.9, where stored XSS can be triggered by crafted SVG uploads. The vulnerability arises when a user views the shared image in a new tab, allowing embedded JavaScript to execute for both authenticated and unauthenticated users. Technical specifics across connected ...

CVE-2024-0053

In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-46724

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...

PT-2025-6606 · WordPress · Profilegrid

Name of the Vulnerable Software and Affected Versions: ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions up to, and including, 5.9.4.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to make web requests to arbitrary...

XnSoft XnView Classic 数字错误漏洞

XnSoft XnView Classic is a suite of image viewing software from XnSoft. The software can be used to view, convert, organize and edit graphics and video files. XnSoft XnView Classic suffers from a numeric error vulnerability that stems from improper validation of user-supplied data during the...

CVE-2024-11219

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the getimage function. This makes it possible for unauthenticated attackers to view arbitrary images on the server, whi...

WordPress plugin Otter Blocks 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress Otter Blocks – Gutenberg Block plugin <= 3.0.6 - Unauthenicated Path Traversal to Arbitrary Image View vulnerability

Unauthenicated Path Traversal to Arbitrary Image View vulnerability discovered by mikemyers in WordPress Plugin Otter - Gutenberg Block versions = 3.0.6...

[SECURITY] Fedora 38 Update: w3m-0.5.3-63.git20230121.fc38

The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...

[SECURITY] Fedora 39 Update: w3m-0.5.3-63.git20230121.fc39

The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...

CVE-2023-40139

In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-46724

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...

Fedora: Security Advisory for w3m (FEDORA-2022-ce04ff8b49)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-41952

Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting XSS via upload file to .SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS...

Binary Vulnerability in the Official Free Version of ACDSee

ACDSee is an image viewing tool that supports fast opening and browsing of most image formats. ACDSee Official Free Edition contains a binary vulnerability that can be exploited by attackers to cause a denial of service...

honeyview is vulnerable to dll hijacking

Honeyview is an image viewing program. Honeyview suffers from a dll hijacking vulnerability that can be exploited by an attacker to gain privileges on the victim's host...

FastStone Capture suffers from dll hijacking vulnerability

FastStone Capture is an image viewing, editing and screenshotting tool. FastStone Capture suffers from a dll hijacking vulnerability. An attacker can exploit this vulnerability to gain control of the server...

Binary Vulnerability in ABC Viewing Software (CNVD-2020-73309)

ABC Viewer is a permanent free image viewing software, intelligently turns on hardware acceleration and supports a variety of image formats. ABC Viewer has a binary vulnerability that can be exploited by attackers to cause the software to crash...