
321 matches found

OSV
added 2022/12/08 4:15 p.m. · 4 views

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 7.8 · AI score 5.8 · EPSS 0.00086
Exploits: 0 · References: 1

Prion
added 2022/12/08 4:15 p.m. · 21 views

Integer overflow

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 4.3 · AI score 7.6 · EPSS 0.00086
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2022/12/08 4:15 p.m. · 20 views

Out-of-bounds

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 3.7 · AI score 7.3 · EPSS 0.00071
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2022/12/08 12:0 a.m. · 33 views

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 6.9 · AI score 7.8 · EPSS 0.00086
Exploits: 0 · References: 1

Positive Technologies
added 2022/12/08 12:0 a.m. · 5 views

PT-2022-25101 · Samsung · Samsung Decoding Library

Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1. Description: The issue is related to a TOCTOU vulnerability in the Samsung decoding library for video thumbnails, which allows a local attacker to perform an Out-Of-Bounds Writ...

CVSS 7.4 · AI score 7.2 · EPSS 0.00071
Exploits: 0 · References: 3

Vulnrichment
added 2022/12/08 12:0 a.m. · 7 views

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVSS 6.9 · AI score 7.3 · EPSS 0.00071
Exploits: 0 · References: 1

CVE
added 2022/12/08 12:0 a.m. · 77 views

CVE-2022-39908

CVE-2022-39908 affects Samsung decoding library used for video thumbnails on Samsung Mobile devices prior to SMR Dec-2022 Release 1. The root cause is a TOCTOU condition enabling a local attacker to perform an Out-Of-Bounds Write. Affected component: Samsung decoding library for video thumbnails;...

CVSS 7.4 · AI score 7.2 · EPSS 0.00071
Exploits: 0 · References: 1 · Affected Software: 1

CNVD
added 2022/11/30 12:0 a.m. · 15 views

WordPress Video Thumbnails plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 4.8 · AI score 4.8 · EPSS 0.00495
Exploits: 2 · References: 1

OSV
added 2022/11/28 2:15 p.m. · 5 views

CVE-2022-3828

The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS 4.8 · AI score 5.8 · EPSS 0.00495
Exploits: 2 · References: 1

NVD
added 2022/11/28 2:15 p.m. · 22 views

CVE-2022-3828

The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS 4.8 · EPSS 0.00495
Exploits: 2 · References: 1

Prion
added 2022/11/28 2:15 p.m. · 13 views

Cross site scripting

The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

CVSS 4.3 · AI score 4.7 · EPSS 0.00495
Exploits: 2 · References: 1 · Affected Software: 1

CVE
added 2022/11/28 1:47 p.m. · 66 views

CVE-2022-3828

Video Thumbnails WordPress plugin (≤ version 2.12.3) contains a stored XSS vulnerability due to unsanitized/uncleaned settings, exploitable by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Affected component: plugin settings. Impact: stored XSS with potential for ad...

CVSS 4.8 · AI score 4.6 · EPSS 0.00495
Exploits: 2 · References: 1 · Affected Software: 1

Vulnrichment
added 2022/11/28 1:47 p.m. · 5 views

CVE-2022-3828 Video Thumbnails <= 2.12.3 - Admin+ Stored XSS

The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup...

AI score 4.9 · EPSS 0.00495
Exploits: 2 · References: 1

CNNVD
added 2022/11/28 12:0 a.m. · 5 views

WordPress plugin Video Thumbnails cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 4.8 · AI score 6 · EPSS 0.00495
Exploits: 2 · References: 2

Patchstack
added 2022/11/02 12:0 a.m. · 18 views

WordPress Video Thumbnails plugin <= 2.12.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting (XSS) vulnerability discovered by zhangyunpei in WordPress Video Thumbnails plugin versions <= 2.12.3. Solution: Deactivate and delete. This plugin has been closed as of November 2, 2022 and is not available for download. This closure is temporary, pending a full...

AI score 2.5 · EPSS 0.00495
Exploits: 2 · References: 1 · Affected Software: 1

wpexploit
added 2022/11/02 12:0 a.m. · 86 views

Video Thumbnails <= 2.12.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup. Put the following payload in the "Custom Field...

CVSS 4.8 · AI score 0.1 · EPSS 0.00495
Exploits: 2

WPVulnDB
added 2022/11/02 12:0 a.m. · 15 views

Video Thumbnails <= 2.12.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed for example in multisite setup. PoC: Put the following payload in the "Custom Fiel...

CVSS 4.8 · AI score 1.7 · EPSS 0.00495
Exploits: 2 · Affected Software: 1

CNNVD
added 2022/08/16 12:0 a.m. · 3 views

tifig buffer error vulnerability

tifig is a Monostream open source fast HEIF image converter for thumbnails. A security vulnerability exists in tifig version v0.2.2, which stems from a heap buffer overflow in its /asan/asaninterceptorsmemintrinsics.cpp component in asanmemmove...

CVSS 5.5 · AI score 6 · EPSS 0.00287
Exploits: 1 · References: 2

OSV
added 2022/05/14 2:2 a.m. · 19 views

GHSA-276R-24XQ-HWG8 Pimcore XSS Vulnerability

Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...

CVSS 5.4 · AI score 5.5 · EPSS 0.03121
Exploits: 5 · References: 5

Github Security Blog
added 2022/05/14 2:2 a.m. · 29 views

Pimcore XSS Vulnerability

Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...

CVSS 5.4 · AI score 6.3 · EPSS 0.03121
Exploits: 5 · References: 6 · Affected Software: 1