Lucene search
+L

182 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11864

libEMF aka ECMA-234 Metafile Library through 1.0.11 allows denial of service issue 2 of 2...

5.5CVSS6.9AI score0.01234EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.1 views

SUSE CVE-2020-11866

libEMF aka ECMA-234 Metafile Library through 1.0.11 allows a use-after-free...

7CVSS7AI score0.0132EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/01/30 12:0 a.m.3 views

PT-2023-4440 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.10 Description: The issue is related to a heap-buffer-overflow vulnerability in the derive spatial luma vector prediction function in motion.cc of the Libde265 video codec implementation. This vulnerability can be exploit...

9.8CVSS6.7AI score0.0202EPSS
Exploits46References179
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.5 views

PT-2022-7570 · Libde265 +1 · Libde265 +1

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.9 Description: The issue is related to a buffer overflow in the put qpel fallback function of the Libde265 video codec implementation. This can allow an attacker to access confidential data, compromise data integrity, and...

9.8CVSS6.9AI score0.0202EPSS
Exploits46References164
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.5 views

PT-2022-7261 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability in the put epel 16 fallback function of the Libde265 video codec implementation for h.265. This vulnerability can be exploited by a remote attack...

9.8CVSS6.5AI score0.0202EPSS
Exploits46References205
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.5 views

PT-2022-7258 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability via the put unweighted pred 16 fallback function in fallback-motion.cc. This allows attackers to cause a Denial of Service DoS via a crafted vide...

9.8CVSS6.4AI score0.0202EPSS
Exploits46References205
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.3 views

PT-2022-7254 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 versions prior to 1.0.11 Description: The issue is related to a heap-buffer-overflow in the put weighted pred avg 16 fallback function, located in fallback-motion.cc, which can be exploited by attackers to cause a Denial of Service D...

9.8CVSS6.3AI score0.0202EPSS
Exploits46References203
Positive Technologies
Positive Technologies
added 2022/09/06 12:0 a.m.5 views

PT-2022-10568 · Mythemeshop · Mythemeshop Launcher: Coming Soon & Maintenance Mode

Name of the Vulnerable Software and Affected Versions: MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin versions prior to 1.1.12 is not specified, however the version is = 1.0.11 Description: The issue is an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that a...

4.8CVSS4.7AI score0.00475EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.4 views

WordPress plugin Launcher: Coming Soon & Maintenance Mode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS5AI score0.00475EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/18 5:15 p.m.3 views

CVE-2022-2039

The Free Live Chat Support plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.0.11. This is due to missing nonce protection on the livesupportisettings function found in the /livesupporti.php file. This makes it possible for unauthenticated attacke...

8.8CVSS7.2AI score0.00644EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/03/21 12:0 a.m.8 views

PT-2022-13401 · WordPress · Bookingpress

Name of the Vulnerable Software and Affected Versions: BookingPress WordPress plugin versions prior to 1.0.11 Description: The issue arises from the failure to properly sanitize user-supplied POST data, which is then used in a dynamically constructed SQL query. This occurs via the "bookingpress...

9.8CVSS9.6AI score0.37171EPSS
Exploits11References10
OSV
OSV
added 2022/02/14 12:15 p.m.5 views

CVE-2021-25050

The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS5.8AI score0.00654EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/02/14 12:0 a.m.6 views

WordPress和WordPress plugin 跨站脚本漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin for WordPress. WordPress Remove Footer Credit plugin versions...

4.8CVSS5.3AI score0.00654EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2022/02/11 12:0 a.m.3 views

PT-2022-7269 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a segmentation violation via the apply sao internal function in sao.cc, which can be exploited to cause a Denial of Service DoS by using a crafted video file. This can be achieved by...

9.8CVSS6.7AI score0.0202EPSS
Exploits46References199
OSV
OSV
added 2022/02/10 11:46 p.m.76 views

GHSA-4XRW-WVMQ-8JMH OS Command Injection in node-key-sender

node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the 'arrParams' argument in the 'execute' function...

9.8CVSS6.2AI score0.04118EPSS
Exploits1References3
OSV
OSV
added 2020/09/03 7:18 p.m.13 views

GHSA-563H-697M-J7X5 Malicious Package in device-mqtt

Version 1.0.11 of device-mqtt contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2020/05/12 12:0 a.m.3 views

libEMF Denial of Service Vulnerability

libEMF is a library for generating enhanced metafiles. A security vulnerability exists in libEMF 1.0.11 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS6.7AI score0.01078EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/12 12:0 a.m.2 views

libEMF Denial of Service Vulnerability (CNVD-2020-28251)

libEMF is a library for generating enhanced metafiles. A security vulnerability exists in libEMF 1.0.11 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS6.7AI score0.01234EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/12 12:0 a.m.5 views

libEMF Buffer Overflow Vulnerability

libEMF is a library for generating enhanced metafiles. A buffer overflow vulnerability exists in libEMF version 1.0.11 and earlier. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read a...

7.8CVSS7.3AI score0.01358EPSS
Exploits0References1
OSV
OSV
added 2020/05/11 4:15 p.m.7 views

CVE-2020-11865

libEMF aka ECMA-234 Metafile Library through 1.0.11 allows out-of-bounds memory access...

7.8CVSS7.6AI score
Exploits0References5
Rows per page
Query Builder