182 matches found
SUSE CVE-2020-11864
libEMF aka ECMA-234 Metafile Library through 1.0.11 allows denial of service issue 2 of 2...
SUSE CVE-2020-11866
libEMF aka ECMA-234 Metafile Library through 1.0.11 allows a use-after-free...
PT-2023-4440 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.10 Description: The issue is related to a heap-buffer-overflow vulnerability in the derive spatial luma vector prediction function in motion.cc of the Libde265 video codec implementation. This vulnerability can be exploit...
PT-2022-7570 · Libde265 +1 · Libde265 +1
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.9 Description: The issue is related to a buffer overflow in the put qpel fallback function of the Libde265 video codec implementation. This can allow an attacker to access confidential data, compromise data integrity, and...
PT-2022-7261 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability in the put epel 16 fallback function of the Libde265 video codec implementation for h.265. This vulnerability can be exploited by a remote attack...
PT-2022-7258 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability via the put unweighted pred 16 fallback function in fallback-motion.cc. This allows attackers to cause a Denial of Service DoS via a crafted vide...
PT-2022-7254 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: Libde265 versions prior to 1.0.11 Description: The issue is related to a heap-buffer-overflow in the put weighted pred avg 16 fallback function, located in fallback-motion.cc, which can be exploited by attackers to cause a Denial of Service D...
PT-2022-10568 · Mythemeshop · Mythemeshop Launcher: Coming Soon & Maintenance Mode
Name of the Vulnerable Software and Affected Versions: MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin versions prior to 1.1.12 is not specified, however the version is = 1.0.11 Description: The issue is an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that a...
WordPress plugin Launcher: Coming Soon & Maintenance Mode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2022-2039
The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupportisettings function found in the /livesupporti.php file. This makes it possible for unauthenticated attacke...
PT-2022-13401 · WordPress · Bookingpress
Name of the Vulnerable Software and Affected Versions: BookingPress WordPress plugin versions prior to 1.0.11 Description: The issue arises from the failure to properly sanitize user-supplied POST data, which is then used in a dynamically constructed SQL query. This occurs via the "bookingpress...
CVE-2021-25050
The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
WordPress和WordPress plugin 跨站脚本漏洞
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin for WordPress. WordPress Remove Footer Credit plugin versions...
PT-2022-7269 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a segmentation violation via the apply sao internal function in sao.cc, which can be exploited to cause a Denial of Service DoS by using a crafted video file. This can be achieved by...
GHSA-4XRW-WVMQ-8JMH OS Command Injection in node-key-sender
node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the 'arrParams' argument in the 'execute' function...
GHSA-563H-697M-J7X5 Malicious Package in device-mqtt
Version 1.0.11 of device-mqtt contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...
libEMF Denial of Service Vulnerability
libEMF is a library for generating enhanced metafiles. A security vulnerability exists in libEMF 1.0.11 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...
libEMF Denial of Service Vulnerability (CNVD-2020-28251)
libEMF is a library for generating enhanced metafiles. A security vulnerability exists in libEMF 1.0.11 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...
libEMF Buffer Overflow Vulnerability
libEMF is a library for generating enhanced metafiles. A buffer overflow vulnerability exists in libEMF version 1.0.11 and earlier. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read a...
CVE-2020-11865
libEMF aka ECMA-234 Metafile Library through 1.0.11 allows out-of-bounds memory access...