Lucene search
K

13 matches found

Nuclei
Nuclei
added yesterday11 views

Giga Messenger WordPress - Cross-Site Scripting

Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...

6.1CVSS7AI score0.00567EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/31 10:0 p.m.5 views

CVE-2026-34537

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccOpDefEnvVar::Exec due to invalid enum values being loaded for icSigCmmEnvVar. The issue is observable under UBSan a...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/06 8:21 p.m.3 views

CVE-2026-25634

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply int IccTagMPE.cpp. This vulnerability is fixed in 2.3.1....

7.8CVSS5.4AI score0.00194EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/02/03 7:16 p.m.10 views

CVE-2026-25503

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...

7.1CVSS0.00253EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.4 views

iccDEV 安全漏洞

iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in iccDEV prior to version 2.3.1.2, which stems from a heap buffer overflow in the CIccCLUT::Init function that could lead to memory corruption...

8.8CVSS7AI score0.00365EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/07 9:50 p.m.4 views

EUVD-2026-1388

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...

6.3CVSS6.3AI score0.0019EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/07 9:23 p.m.4 views

CVE-2026-21685 iccDEV has Undefined Behavior in CIccTagLut16::Read()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLut16::Read. This vulnerability affects users of the iccDEV libra...

7.1CVSS6.4AI score0.00243EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.6 views

PT-2026-1407

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.1 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain Undefined Behavior in the CIccCLUT::Init function, which initializes and sets...

8.8CVSS6.6AI score0.00308EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 10:17 a.m.7 views

CVE-2024-29956

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav...

6.5CVSS7.1AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2024/07/13 3:15 a.m.7 views

AZL-73323 CVE-2023-39327 affecting package openjpeg2 2.3.1-12

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal...

4.3CVSS6.2AI score0.00528EPSS
Exploits0References1
OSV
OSV
added 2024/07/09 2:15 p.m.4 views

AZL-44982 CVE-2023-39328 affecting package openjpeg2 2.3.1-12

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file...

5.5CVSS5.7AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

Xpand IT Write-Back Manager Security Vulnerability

Xpand IT Write-back manager is an extension for Xpand IT. that allows users to enter data directly from Tableau dashboards into the database. A security vulnerability exists in Xpand IT Write-Back Manager version v2.3.1, which stems from the use of a weak key for signing JWT tokens, where an...

9.1CVSS6.7AI score0.00669EPSS
Exploits1References2
OSV
OSV
added 2023/09/07 2:15 a.m.5 views

CVE-2023-4792

The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicateppmcpostasdraft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with...

4.3CVSS5.8AI score0.00406EPSS
Exploits0References3
Rows per page
Query Builder