CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow...

5.1CVSS8.2AI score0.01732EPSS

Exploits1References1

NVD•added 2024/02/12 8:15 p.m.•11 views

CVE-2024-25108

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

9.9CVSS9.1AI score0.00678EPSS

Exploits1References2

CVE•added 2024/02/12 8:5 p.m.•63 views

CVE-2024-25108

Pixelfed suffers an authorization-check bypass that lets authenticated users obtain access to administrative and moderator functionality. Affected versions are v0.10.4 through v0.11.9 (inclusive); a proof-of-concept exists. Root cause: improper and insufficient checks during request processing al...

9.9CVSS8.9AI score0.00678EPSS

Exploits1References2Affected Software1

Huntr•added 2023/06/05 6:7 a.m.•17 views

we can still send the photo as greeting card even the albums is locked

1 admin create a album and upload a photo 2 member-1 login and send the photo as greeting card to member-2 3 member-1 use burpsuite hijack the request, which can be like POST /admprogram/modules/ecards/ecardsend.php HTTP/1.1...

3.5CVSS6.9AI score0.00416EPSS

Exploits1

HackRead•added 2019/07/15 6:55 p.m.•53 views

Hacker gets $30,000 for reporting hack Instagram account flaw

By Waqas The flaw allowed anyone with knowledge of brute force attack to hack Instagram accounts without raising any suspicion. How to hack Instagram account? This is something that every Tom, Dick, and Harry wants to know since with over a billion users, Instagram is the world's largest photo an...

2AI score

Exploits0

CNVD•added 2019/06/21 12:0 a.m.•3 views

Sony Bravia TV Photo Sharing Plus Parameter Injection Vulnerability

Sony Bravia TV is a smart TV from Sony Japan.Photo Sharing Plus is one of the photo sharing components. A parameter injection vulnerability exists in the Photo Sharing Plus component in Sony Bravia TV version 8.587 and earlier. The vulnerability stems from a network system or product not properly...

8.8CVSS7.6AI score0.00913EPSS

Exploits0References1

CNVD•added 2019/06/21 12:0 a.m.•3 views

Sony Bravia TV Photo Sharing Plus Buffer Overflow Vulnerability

Sony Bravia TV is a smart TV from Sony Japan.Photo Sharing Plus is one of the photo sharing components. A buffer overflow vulnerability exists in the Photo Sharing Plus component in Sony Bravia TV versions 8.587 and earlier. The vulnerability originates when a networked system or product performs...

6.5CVSS7.3AI score0.00598EPSS

Exploits0References1

CNVD•added 2019/06/21 12:0 a.m.•4 views

Sony Bravia TV Photo Sharing Plus Path Traversal Vulnerability

Sony Bravia TV is a smart TV from Sony Japan.Photo Sharing Plus is one of the photo sharing components. A path traversal vulnerability exists in the Photo Sharing Plus component in Sony Bravia TV version 8.587 and earlier. The vulnerability stems from a failure of a networked system or product to...

8.1CVSS6.8AI score0.0089EPSS

Exploits0References1