Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesβ€’added 2024/11/12 12:0 a.m.β€’2 views

PT-2024-34880 Β· Element Β· Element DesktopΒ +1

Name of the Vulnerable Software and Affected Versions: Element Web and Desktop versions prior to 1.11.85 Description: The issue concerns the handling of thumbnails for attachments, stickers, and images. Specifically, versions of Element Web and Desktop earlier than 1.11.85 do not check if these...

3.5CVSS7.2AI score0.00098EPSS
Exploits0References6
Positive Technologies
Positive Technologiesβ€’added 2022/12/08 12:0 a.m.β€’3 views

PT-2022-25100 Β· Samsung Β· Samsung Decoding Library

Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1 Description: The issue is related to an integer overflow in the Samsung decoding library, specifically affecting the handling of video thumbnails. This allows a local attacker ...

7.8CVSS7.5AI score0.00016EPSS
Exploits0References2
CNVD
CNVDβ€’added 2018/09/10 12:0 a.m.β€’1 views

WordPress Input Validation Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An input validation vulnerability exists in the thumbnail handling process in WordPress versions prior to 4.9...

8.8CVSS8.5AI score0.19822EPSS
Exploits0References1
OSV
OSVβ€’added 2018/09/06 12:29 p.m.β€’1 views

DEBIAN-CVE-2017-1000600

WordPress version 4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has...

8.8CVSS8.9AI score0.19822EPSS
Exploits0References1
OSV
OSVβ€’added 2015/11/09 6:59 p.m.β€’1 views

DEBIAN-CVE-2015-8005

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file...

5CVSS7AI score0.00253EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusβ€’added 2008/01/27 12:0 a.m.β€’25 views

Debian DSA-1474-1 : exiv2 - integer overflow

Meder Kydyraliev discovered an integer overflow in the thumbnail handling of libexif, the EXIF/IPTC metadata manipulation library, which could result in the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

7.5CVSS8.2AI score0.0234EPSS
Exploits0References2
Debian
Debianβ€’added 2008/01/23 9:41 p.m.β€’20 views

[SECURITY] [DSA 1474-1] New exiv2 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1474-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 23, 2008 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.0234EPSS
Exploits0
Rows per page
Query Builder