321 matches found
CVE-2022-39907
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...
Integer overflow
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...
Out-of-bounds
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...
CVE-2022-39907
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...
PT-2022-25101 · Samsung · Samsung Decoding Library
Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1 Description: The issue is related to a TOCTOU vulnerability in the Samsung decoding library for video thumbnails, which allows a local attacker to perform an Out-Of-Bounds Writ...
CVE-2022-39908
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...
CVE-2022-39908
CVE-2022-39908 affects Samsung decoding library used for video thumbnails on Samsung Mobile devices prior to SMR Dec-2022 Release 1. The root cause is a TOCTOU condition enabling a local attacker to perform an Out-Of-Bounds Write. Affected component: Samsung decoding library for video thumbnails;...
WordPress Video Thumbnails plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2022-3828
The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3828
The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-3828
Video Thumbnails WordPress plugin (≤ version 2.12.3) contains a stored XSS vulnerability due to unsanitized/uncleaned settings, exploitable by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Affected component: plugin settings. Impact: stored XSS with potential for ad...
CVE-2022-3828 Video Thumbnails <= 2.12.3 - Admin+ Stored XSS
The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress plugin Video Thumbnails 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Video Thumbnails plugin <= 2.12.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by zhangyunpei in WordPress Video Thumbnails plugin versions = 2.12.3. Solution Deactivate and delete. This plugin has been closed as of November 2, 2022 and is not available for download. This closure is temporary, pending a full...
Video Thumbnails <= 2.12.3 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. Put the following payload in the "Custom Field...
Video Thumbnails <= 2.12.3 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC Put the following payload in the "Custom Fiel...
tifig 缓冲区错误漏洞
tifig is a Monostream open source fast HEIF image converter for thumbnails. A security vulnerability exists in tifig version v0.2.2, which stems from a heap buffer overflow in its /asan/asaninterceptorsmemintrinsics.cpp component in asanmemmove...
GHSA-276R-24XQ-HWG8 Pimcore XSS Vulnerability
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...
Pimcore XSS Vulnerability
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...