12 matches found

Veracode
added 2025/02/27 4:2 a.m., 6 views

Cross-Site Scripting (Reflected XSS)

Leantime is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper input validation and output encoding in the "overdue" section, allowing attackers to upload malicious image files containing XSS payloads...

5.7 AI score
Exploits: 0

OSV
added 2025/02/21 10:15 p.m., 3 views

GHSA-52XF-H226-PFGX Leantime allows Reflected Cross-Site Scripting (XSS)

Summary The vulnerability in Leantime's "overdue" section allows attackers to upload malicious image files containing XSS payloads. When other users view these files, the scripts execute, enabling attackers to steal sensitive information or perform unauthorized actions. Improving input validation...

5.9 CVSS, 6.3 AI score
Exploits: 0, References: 2

Veracode
added 2024/04/16 8:33 a.m., 20 views

Use After Free

SixLabors.ImageSharp is vulnerable to Use After Free. The vulnerability is due to improper input validation within the JPEG and TGA decoders, which allows an attacker to craft malicious image files that could result in Information Disclosure during the conversion process...

6.5 CVSS, 6.6 AI score, 0.00575 EPSS
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2022/10/07 6:15 p.m., 3 views

CVE-2021-40162

A maliciously crafted TIF, PICT, TGA, or RLC file in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code...

7.8 CVSS, 6 AI score, 0.00242 EPSS
Exploits: 0, References: 1

Cvelist
added 2022/08/31 3:33 p.m., 33 views

CVE-2022-1325

A flaw was found in CImg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

5.7 AI score, 0.00397 EPSS
Exploits: 1, References: 6

Redos
added 2021/09/08 12:0 a.m., 17 views

ROS-2-446

2.446 VLC vulnerability CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

9.8 CVSS, 7.1 AI score, 0.03636 EPSS
Exploits: 7

OSV
added 2019/06/05 2:10 p.m., 2 views

GHSA-VPQ5-4RC8-C222 Denial of Service in canvas

Versions of canvas prior to 1.6.10 are vulnerable to Denial of Service. Processing malicious JPEGs or GIFs could crash the node process. Recommendation Upgrade to version 1.6.10...

5.9 AI score
Exploits: 0, References: 3

Veracode
added 2017/09/04 3:43 a.m., 18 views

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service (DoS) attacks. When attackers input malicious image files, it causes a NULL pointer dereference issue in the ReadCUTImage function in coders/cut.c...

6.5 CVSS, 7.1 AI score, 0.01605 EPSS
Exploits: 0, References: 5, Affected Software: 1

myhack58
added 2016/05/12 12:0 a.m., 21 views

ImageMagick (CVE-2016-3714) implementation process, vulnerability analysis, and solution - vulnerability warning - the black bar safety net

What is ImageMagick? ImageMagick is free software for creating, editing, and compositing pictures. It can read, convert, and write pictures in a variety of formats. Picture cut, color replacement, various effects application, image rotation, composition, text, line, polygon, ellipse, curve, attached to a picture ...

0.2 AI score
Exploits: 0

Typo3
added 2016/05/05 12:0 a.m., 14 views

Critical vulnerabilities in ImageMagick

Multiple vulnerabilities in ImageMagick have been discovered, Remote Code Execution being one of them. For image manipulation TYPO3 CMS makes use of either one of the third party tools GraphicsMagick or ImageMagick. Recently it has been discovered, that ImageMagick exposes multiple vulnerabilitie...

7.7 AI score
Exploits: 0

myhack58
added 2011/01/26 12:0 a.m., 31 views

HDWiKi V 5.0 local include vulnerability 0Day-vulnerability warning-the black bar safety net

Release date: 2011-01-23 Publishing author: HYrz Affected versions: HDWiKi V 5.0 Official website: http://kaiyuan.hudong.com Vulnerability type: file inclusion Vulnerability description: From the source code we can see there is indeed a problem, we just Upload a picture of the Trojan can be norma...

7.5 AI score
Exploits: 0

OSV
added 2004/09/16 12:0 a.m., 30 views

DSA-547-1 imagemagick - buffer overflows

Bulletin has no description...

7.5 CVSS, 6 AI score, 0.05512 EPSS
Exploits: 0