
321 matches found

FreeBSD
added 2024/11/12 12:0 a.m., 11 views

element-web -- several vulnerabilities

Element team reports: Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. A malicious homeserver can send invalid messages over...

AI score 6.9
Exploits: 0, References: 2
Vivaldi Security Advisories
added 2024/10/30 12:59 p.m., 6 views

Minor update for Vivaldi Desktop Browser 7.0

Download Vivaldi The following improvements were made since the initial 7.0 stable release: Chromium Upgraded to 130.0.6723.96 CVE-2024-10487, CVE-2024-10488 Crash With Trash in Sessions Panel VB-110788 FeedsmacOS Can't rename top-level feed VB-110618 Keyboard Focus Next/Prev pane no longer...

CVSS 8.8, AI score 5.8, EPSS 0.00653
Exploits: 0, References: 1
Positive Technologies
added 2024/09/24 12:0 a.m., 4 views

PT-2024-38919 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS versions 9.0.0 through 9.3.3; Concrete CMS versions below 8.5.19. Description: The issue concerns Stored XSS in the Image Editor Background Color, where a rogue admin could add malicious code to the Thumbnails/Add-Type. This could...

CVSS 5.1, AI score 6.1, EPSS 0.0049
Exploits: 0, References: 13
OSV
added 2024/07/25 11:55 p.m., 4 views

USN-6200-2 imagemagick vulnerabilities

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...

CVSS 5.5, AI score 7, EPSS 0.01018
Exploits: 2, References: 3
Patchstack
added 2024/07/06 12:38 p.m., 3 views

WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions <= 2.0.3...

CVSS 6.3, AI score 7, EPSS 0.00246
Exploits: 0, Affected Software: 1
OSV
added 2024/06/13 8:15 p.m., 2 views

CVE-2024-38312

When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination. This vulnerability affects Firefox for iOS 127...

CVSS 6.5, AI score 5.8, EPSS 0.00292
Exploits: 0, References: 2
BDU FSTEC
added 2024/06/13 12:0 a.m., 6 views

The vulnerability of the Thumbnails component in the Redmine web application for managing projects and tasks allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Thumbnails component in the Redmine web application for managing projects and tasks exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS 6.4, AI score 6, EPSS 0.00377
Exploits: 0, References: 5, Affected Software: 2
Positive Technologies
added 2024/05/14 12:0 a.m., 5 views

PT-2024-25815 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 9.5.48 ELTS; TYPO3 versions prior to 10.4.45 ELTS; TYPO3 versions prior to 11.5.37 LTS; TYPO3 versions prior to 12.4.15 LTS; TYPO3 versions prior to 13.1.1. Description: The ShowImageController (eID tx_cms_showpic) lacks a...

CVSS 5.3, AI score 7.3, EPSS 0.0047
Exploits: 0, References: 9
WPVulnDB
added 2024/04/22 12:0 a.m., 10 views

Quick Featured Images < 13.7.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Thumbnail Deletion/Setting

Description: The Quick Featured Images plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the setthumbnail and deletethumbnail functions in all versions up to, and including, 13.7.0. This makes it possible for authenticated attackers, with...

CVSS 4.3, AI score 6.7, EPSS 0.00341
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2024/03/29 10:43 a.m., 5 views

WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions <= 2.0.3...

CVSS 7.1, AI score 7.1, EPSS 0.00398
Exploits: 0, Affected Software: 1
OSV
added 2024/03/06 11:3 a.m., 280 views

BIT-REDMINE-2023-47260

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails...

CVSS 6.1, AI score 5.8, EPSS 0.00377
Exploits: 0, References: 2
OSV
added 2024/01/08 6:15 p.m., 3 views

CVE-2023-52219

Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails. This issue affects Gecka Terms Thumbnails: from n/a through 1.1...

CVSS 8.8, AI score 7.3, EPSS 0.00621
Exploits: 0, References: 1
NVD
added 2024/01/08 6:15 p.m., 13 views

CVE-2023-52219

Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails. This issue affects Gecka Terms Thumbnails: from n/a through 1.1...

CVSS 9.9, AI score 9.6, EPSS 0.00621
Exploits: 0, References: 1
Vulnrichment
added 2024/01/08 5:17 p.m., 5 views

CVE-2023-52219 WordPress Gecka Terms Thumbnails Plugin <= 1.1 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails. This issue affects Gecka Terms Thumbnails: from n/a through 1.1...

CVSS 9.9, AI score 9.5, EPSS 0.00621
Exploits: 0, References: 1
Cvelist
added 2024/01/08 5:17 p.m., 19 views

CVE-2023-52219 WordPress Gecka Terms Thumbnails Plugin <= 1.1 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails. This issue affects Gecka Terms Thumbnails: from n/a through 1.1...

CVSS 9.9, AI score 9.7, EPSS 0.00621
Exploits: 0, References: 1
CVE
added 2024/01/08 5:17 p.m., 40 views

CVE-2023-52219

CVE-2023-52219 is a PHP Object Injection vulnerability in the WordPress plugin Gecka Terms Thumbnails (

CVSS 9.9, AI score 8.5, EPSS 0.00621
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2024/01/08 12:0 a.m., 4 views

PT-2024-14483 · Unknown · Gecka Terms Thumbnails

Name of the Vulnerable Software and Affected Versions: Gecka Terms Thumbnails versions 1.1 and earlier. Description: The issue is related to the deserialization of untrusted data. This can potentially lead to security issues when untrusted data is processed by the application. Recommendations: For...

CVSS 9.9, AI score 8.9, EPSS 0.00621
Exploits: 0, References: 5
CNNVD
added 2024/01/08 12:0 a.m., 3 views

WordPress Plugin Gecka Terms Thumbnails Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Gecka Terms Thumbnails has...

CVSS 9.9, AI score 6.8, EPSS 0.00621
Exploits: 0, References: 2
Patchstack
added 2024/01/05 12:0 a.m., 7 views

WordPress Gecka Terms Thumbnails Plugin <= 1.1 is vulnerable to PHP Object Injection

Software: Gecka Terms Thumbnails; Type: Plugin; Vulnerable versions: <= 1.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2023-52219; Patch priority: High; CVSS severity: High 9.9; PSID: 8f080ffeedc5; Credits: Rafie Muhammad Patchstack; Required...

CVSS 9.9, AI score 6.8, EPSS 0.00621
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2023/12/19 1:15 a.m., 10 views

CVE-2023-44982

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina. This issue affects Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina: from n/a through 6.4.5...

CVSS 7.5, EPSS 0.01437
Exploits: 0, References: 1