
32 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in tiff

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 368 of libtiff/tifunix.c. This vulnerability is invoked by lines 2903 and 6921 in tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

CVSS 6.8, AI score 6.8, EPSS 0.00421
Exploits 1, References 2
Positive Technologies
added 2026/03/31 12:0 a.m., 3 views

PT-2026-29396

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference (NPD) in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

CVSS 6.2, AI score 5.7, EPSS 0.00156
Exploits 1, References 6
RedhatCVE
added 2026/02/12 1:42 p.m., 4 views

CVE-2026-0815

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 1
NVD
added 2026/02/11 9:15 a.m., 4 views

CVE-2026-0815

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, EPSS 0.00245
Exploits 0, References 3
CVE
added 2026/02/11 8:26 a.m., 12 views

CVE-2026-0815

CVE-2026-0815 applies to the WordPress Category Image plugin (v

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 3
Vulnrichment
added 2026/02/11 8:26 a.m., 3 views

CVE-2026-0815 Category Image <= 2.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'tag-image' Parameter

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 3
ATTACKERKB
added 2026/02/11 8:26 a.m., 3 views

CVE-2026-0815

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 4
Cvelist
added 2026/02/11 8:26 a.m., 23 views

CVE-2026-0815 Category Image <= 2.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'tag-image' Parameter

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, EPSS 0.00245
Exploits 0, References 3
CNNVD
added 2026/02/11 12:0 a.m., 5 views

WordPress plugin Category Image cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 4
Positive Technologies
added 2026/02/11 12:0 a.m., 4 views

PT-2026-7495

The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Editor-level access and...

CVSS 4.4, AI score 5.7, EPSS 0.00245
Exploits 0, References 4
Patchstack
added 2026/02/10 11:4 p.m., 6 views

WordPress Category Image plugin <= 2.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'tag-image' Parameter vulnerability

Authenticated (Editor+) Stored Cross-Site Scripting via 'tag-image' Parameter vulnerability discovered by 0x34rth in WordPress Plugin Category Image versions <= 2.0...

CVSS 4.4, AI score 5.4, EPSS 0.00245
Exploits 0, References 1, Affected Software 1
OSV
added 2025/10/11 1:20 p.m., 4 views

OESA-2025-2401 libtiff security update

This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...

CVSS 8.8, AI score 7.1, EPSS 0.00739
Exploits 0, References 2
OSV
added 2025/10/11 1:20 p.m., 3 views

OESA-2025-2400 libtiff security update

This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...

CVSS 8.8, AI score 7.1, EPSS 0.00739
Exploits 0, References 2
BDU FSTEC
added 2025/03/13 12:0 a.m., 5 views

The vulnerability of the TIFF Image development platform QNX SDP allows attackers to disclose protected information.

The vulnerability of the TIFF Image development platform QNX SDP is related to an off-by-one error. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system’s security measures...

CVSS 5.3, AI score 5.4, EPSS 0.00353
Exploits 0, References 2, Affected Software 1
OpenVAS
added 2023/08/01 12:0 a.m., 31 views

Debian: Security Advisory (DLA-3513-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5, AI score 6.6, EPSS 0.01131
Exploits 5, References 4
OpenVAS
added 2023/03/08 12:0 a.m., 27 views

Debian: Security Advisory (DLA-221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 7.8, EPSS 0.04167
Exploits 2, References 2
RedHat Linux
added 2022/11/15 3:17 p.m., 2 views

libtiff: heap buffer overflow in extractImageSection

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

CVSS 7.1, AI score 7.6, EPSS 0.01542
Exploits 1, References 4
OSV
added 2022/05/25 11:3 a.m., 3 views

OESA-2022-1669 libtiff security update

This libtiff provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libti...

CVSS 6.1, AI score 7.1, EPSS 0.00532
Exploits 1, References 2
OSV
added 2022/03/19 11:3 a.m., 3 views

OESA-2022-1586 libtiff security update

This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...

CVSS 5.5, AI score 6.9, EPSS 0.01336
Exploits 1, References 2
OSV
added 2021/07/13 11:15 a.m., 2 views

CVE-2021-34299

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Tiffloader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...

CVSS 5.5, AI score 6, EPSS 0.01348
Exploits 0, References 2