WordPress plugin CF7 Submissions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

DEBIAN-CVE-2023-31485

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks...

PT-2023-23360 · Gitlab +1 · Gitlab::Api::V4 +1

Name of the Vulnerable Software and Affected Versions: GitLab::API::v4 versions 0.26 and earlier Description: The issue allows for machine-in-the-middle attacks due to the lack of TLS certificate verification when connecting to a GitLab server. Recommendations: For GitLab::API::v4 versions 0.26 a...

SUSE CVE-2018-8976

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service image.cpp Exiv2::Internal::stringFormat out-of-bounds read via a crafted file...

Exiv2 'readHeader' Function Denial of Service Vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A security vulnerability exists in the 'readHeader' functi...