Lucene search
+L

506 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:35 p.m.8 views

CVE-2020-9008

Stored Cross-site scripting XSS vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor...

5.4CVSS5.8AI score0.00617EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:34 p.m.23 views

CVE-2020-9388

CSRF protection was not present in SquaredUp before version 4.6.0. A CSRF attack could have been possible by an administrator executing arbitrary code in a HTML dashboard tile via a crafted HTML page, or by uploading a malicious SVG payload into a dashboard...

6.5CVSS7.3AI score0.00777EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:2 p.m.5 views

CVE-2020-0786

A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links, aka 'Windows Tile Object Service Denial of Service Vulnerability'...

7.1CVSS6.7AI score0.00817EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:31 a.m.7 views

gstreamer: AV1 Video Parsing Stack-based Buffer Overflow

A stack-based buffer overflow flaw was found in GStreamer. This issue may lead to code execution while parsing tile list data within AV1-encoded video files...

8.8CVSS6.4AI score0.01559EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.6 views

The vulnerability of the TIFFInput::read_native_tile() function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library allows a attacker to cause a service failure.

The vulnerability of the TIFFInput::readnativetile function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library is related to improper memory allocation. Exploiting this vulnerability may allow an attacker to cause a service failure...

9.4CVSS5.5AI score
Exploits0References4Affected Software1
SUSE Linux
SUSE Linux
added 2025/02/28 4:30 p.m.4 views

Security update for tiff

This update for tiff fixes the following issues: CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits in tiffcrop.c bsc1212607. CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt leading to denial of service bsc1219213. Other bugfixes: Fixed tiff build issue on...

6.1CVSS7.5AI score0.02187EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2025/02/20 2:30 p.m.4 views

SUSE CVE-2025-22920

A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service DoS...

3.3CVSS7.4AI score0.00333EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/19 12:24 p.m.11 views

CVE-2025-22920

A flaw was found in FFmpeg. This vulnerability allows attackers to trigger memory corruption via supplying a crafted media file in avformat when processing tile grid group streams, leading to a Denial of Service DoS. Mitigation Mitigation for this issue is either not available or the currently...

6.5CVSS6.6AI score0.00333EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/02/18 12:0 a.m.2 views

CVE-2025-22920

A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service DoS...

5.3CVSS7.4AI score0.00333EPSS
Exploits0
OSV
OSV
added 2025/01/24 2:15 p.m.2 views

DEBIAN-CVE-2022-47090

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gfvvcreadppsbsinternal function of mediatools/avparsers.c, check needed for numexptilecolumns...

7.8CVSS5.6AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 8:15 p.m.6 views

CVE-2025-23573

Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...

7.1CVSS0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/16 8:6 p.m.17 views

CVE-2025-23573 WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in sammyb WP Background Tile wp-background-tile allows Stored XSS.This issue affects WP Background Tile: from n/a through = 1.0...

7.1CVSS0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:6 p.m.43 views

CVE-2025-23573

CVE-2025-23573 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Background Tile plugin that allows Stored XSS. Affected: WP Background Tile from n/a through version 1.0. Red Hat and other connected documents corroborate the CSRF-to-Stored-XSS nature but do not provide additional tec...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:41 p.m.3 views

WordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin WP Background Tile versions = 1.0...

7.1CVSS6.2AI score0.00184EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/16 12:0 a.m.3 views

PT-2025-4947 · WordPress · Wp Background Tile

Name of the Vulnerable Software and Affected Versions: WP Background Tile versions n/a through 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...

7.1CVSS9.1AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/16 12:0 a.m.5 views

WordPress plugin WP Background Tile 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS8.2AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 7:15 a.m.5 views

CVE-2024-10784

The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Tile Gallery' widget in all versions up to, and including, 1.5.126 due to insufficient input sanitization and output escaping. This makes it possible for...

5.4CVSS7.4AI score0.00345EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/12 12:0 a.m.6 views

PT-2024-16543 · WordPress · Unlimited Elements For Elementor

Name of the Vulnerable Software and Affected Versions: Unlimited Elements For Elementor plugin for WordPress versions up to, and including, 1.5.126 Description: The issue is related to Stored Cross-Site Scripting via the Tile Gallery widget due to insufficient input sanitization and output...

6.4CVSS6.2AI score0.00345EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.6 views

The vulnerability of the `filter_frame` function in the `vf_tile.c` component of the FFmpeg multimedia library occurs due to improper memory release before deleting the last reference. This allows a malicious actor to trigger a service failure.

The vulnerability of the filterframe function in the vftile.c component of the FFmpeg multimedia library is related to improper memory release before deleting the last reference. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS6.8AI score0.01041EPSS
Exploits1References8Affected Software3
OSV
OSV
added 2024/11/05 5:4 p.m.9 views

CVE-2024-50090 drm/xe/oa: Fix overflow in oa batch buffer

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fix overflow in oa batch buffer By default xebbcreatejob appends a MIBATCHBUFFEREND to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at eac...

5.5CVSS6.5AI score0.00203EPSS
Exploits0References5
Rows per page
Query Builder