Lucene search
+L

9 matches found

nessus
nessus
added 2026/06/30 12:0 a.m.7 views

Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47261)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device. Axis has released patched AXIS OS...

4.3CVSS5.9AI score0.00347EPSS
Exploits0References2
debiancve
debiancve
added 2026/05/19 8:7 p.m.7 views

CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0
osv
osv
added 2026/01/09 3:19 p.m.1 views

SUSE-SU-2026:0087-1 Security update for libheif

This update for libheif fixes the following issues: - CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735...

7.1CVSS7.2AI score0.00267EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/12/31 12:57 p.m.5 views

CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

6.5CVSS6.5AI score0.00267EPSS
Exploits1References2
osv
osv
added 2024/10/15 9:15 p.m.3 views

DEBIAN-CVE-2024-41311

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write...

8.1CVSS7.9AI score0.00825EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2024/10/15 12:0 a.m.9 views

PT-2024-7935 · Libheif +6 · Libheif +6

Name of the Vulnerable Software and Affected Versions: Libheif version 1.17.6 Description: The issue is related to the ImageOverlay::parse function in the libheif decoder and encoder for video and photo file formats. It involves an out-of-bounds read and write due to insufficient checks when...

9.4CVSS8.6AI score0.00927EPSS
Exploits4References59
patchstack
patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Overlay Image Divi Module Plugin < 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Overlay Image Divi Module Type Plugin Vulnerable versions 1.5 Fixed in 1.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3d904935a6e0 Credits Rafie Muhammad Patchstack...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
patchstack
patchstack
added 2022/02/28 12:0 a.m.8 views

WordPress Overlay Image Divi Module plugin <= 1.3.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Overlay Image Divi Module plugin versions = 1.3.1. Solution Update the WordPress Overlay Image Divi Module plugin to the latest available version at least 1.3.2...

2.7AI score
Exploits0References2Affected Software1
exploitdb
exploitdb
added 2011/11/03 12:0 a.m.16 views

Calibre E-Book Reader - Race Condition Privilege Escalation

!/bin/sh .70-Calibrer Assault Mount by Dan Rosenberg @djrbliss and zx2c4 Yesterday we learned how Calibre's ability to mount anything anywhere resulted in a local root. Today's exploit shows a race condition to subvert recent changes preventing symlinks and checking path prefixes. - djrbliss &...

7.4AI score
Exploits0
Rows per page
Query Builder