phpShowtime 2.0 - Directory Traversal

A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. dot dot in the r parameter to index.php. id: CVE-2012-0981 info: name: phpShowtime 2.0 - Directory Traversal author: daffainfo severity: medium description: A...

Banana-slides path traversal vulnerability

banana-slides is an AI-based PPT generation application developed by Anion. Versions of banana-slides 0.4.0 and earlier have a path traversal vulnerability. This vulnerability stems from a path traversal issue in the AI service’s backend function, generateimage. Due to the use of os.path.startswi...

CVE-2026-46337

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

CVE-2026-46337 WWBN AVideo: Unauthenticated Arbitrary Image Read via Path Traversal in `view/img/image404Raw.php`

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

EUVD-2026-33305

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

CVE-2026-46337

WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded...

UBUNTU-CVE-2026-49128

Music Player Daemon MPD before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk path is constructed by joining the storage root with a user-supplied URI as plain strings without...

CVE-2026-49128 Music Player Daemon < 0.24.11 Path Traversal via LocalStorage URI Handling

Music Player Daemon MPD before version 0.24.11 contains a path traversal vulnerability in LocalStorage::MapFSOrThrow and LocalStorage::MapUTF8 within the local storage plugin, where the on-disk path is constructed by joining the storage root with a user-supplied URI as plain strings without...

Astra Linux - уязвимость в gimp

A flaw was discovered in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP may be tricked into generating serious memory errors, potentially leading to crashes and causing a heap buffer overflow...

AVideo: Unauthenticated Arbitrary Image Read via Path Traversal in `view/img/image404Raw.php`

Summary The endpoint requires no authentication. An unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind ACLs, admin-uploaded thumbnails,...

PT-2026-41994

Name of the Vulnerable Software and Affected Versions AVideo versions 29.0 and earlier Description An unauthenticated remote attacker can read arbitrary image files from the disk that the PHP user has permission to open. This includes private user-profile photos protected by Access Control Lists...

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

novaGallery 路径遍历漏洞

novaGallery is an open-source PHP image gallery tool developed by novafacile OÜ, which does not require a database. Versions of novaGallery prior to 2.1.1 contained a path traversal vulnerability. This vulnerability stems from path traversal attacks, potentially allowing unverified users to acces...

RockyLinux 8 : LibRaw (RLSA-2026:13284)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13284 advisory. LibRaw: LibRaw: Memory Corruption via Malicious File Processing CVE-2026-24660 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow i...

RHEL 8 : LibRaw (RHSA-2026:14224)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:14224 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect early exit in erofs due to invalid metadata and image files. This vulnerability may...

CVE-2026-42144

This CVE affects the CImg Library: an integer overflow in the WH D size computation inside _load_pnm() can bypass the memory allocation guard, leading to a potentially undersized heap buffer and heap buffer overflow when loading crafted PNM/PGM/PPM images. The issue is mitigated by the patch intr...

PT-2026-36892

Name of the Vulnerable Software and Affected Versions CImg Library versions prior to commit 4ca26bc Description An integer overflow exists in the load pnm function during the computation of WHD size. A specially crafted PNM, PGM, or PPM file containing large dimension values can cause the...

Astra Linux - уязвимость в tiff

The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...