CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

749 matches found

Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before version 1.9 did not validate or sanitize the tab parameter before using it in the include function. id: CVE-2021-24644 info: name: Images to WebP 1.9 - Authenticated Local File Inclusion author: Sourabh-Sahu severity: high description: | The Images to We...

7.5CVSS7.1AI score0.30489EPSS

Exploits2References2

Nuclei•added yesterday•16 views

WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect

WordPress WebP Converter for Media 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an open redirect issue. id: CVE-2021-25074 info: name: WordPress WebP Converter for Media 4.0.3 - Unauthenticated Open Redirect author:...

6.1CVSS6.3AI score0.01001EPSS

Exploits2References4

AstraLinux•added 2026/05/20 5:53 a.m.•9 views

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick’s coders, specifically in the webp.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including division by zero in mathematics. The most significant threat of this vulnerability is the impact on system...

7.1CVSS6.4AI score0.00234EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в libwebp

A heap-based buffer overflow was discovered in libwebp in versions prior to 1.0.1 in the ShiftBytes function...

9.1CVSS7.5AI score0.00575EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в exempi

A buffer overflow vulnerability exists in WEBPSupport.cpp in exempi 2.5.0 and earlier, allowing remote attackers to cause a denial of service by opening crafted webp files...

6.5CVSS7.1AI score0.02158EPSS

Exploits1References1

Fedora•added 2026/05/11 1:3 a.m.•6 views

[SECURITY] Fedora 43 Update: SDL3_image-3.4.4-1.fc43

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This is a simple library to load images of various formats as SDL surfaces. It can load BMP, GIF, JPEG, LBM, PCX, PNG, PNM PPM/PGM/PBM, QOI, TGA, XCF,...

7.1CVSS5.9AI score0.00012EPSS

Exploits0

RedhatCVE•added 2026/05/06 6:16 a.m.•2 views

CVE-2026-33813

A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service DoS...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References6

SUSE CVE•added 2026/05/06 1:42 a.m.•2 views

SUSE CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в libwebp

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.00527EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в libwebp

A flaw was discovered in libwebp in versions prior to 1.0.1. An out-of-bounds read was identified in the ChunkAssignData function. The greatest threat posed by this vulnerability is related to data confidentiality and service availability...

9.1CVSS7.3AI score0.00409EPSS

Exploits0References2

Tenable Nessus•added 2026/04/22 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-33813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing a WEBP image with an invalid, large size panics on 32-bit platforms. CVE-2026-33813 Note that Nessus relies on the presence of the package as reported b...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References4

OSV•added 2026/04/21 8:16 p.m.•0 views

DEBIAN-CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.3AI score0.00069EPSS

Exploits0References1

NVD•added 2026/04/21 8:16 p.m.•0 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS0.00069EPSS

Exploits0References3

UbuntuCve•added 2026/04/21 8:16 p.m.•0 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References3

OSV•added 2026/04/21 8:16 p.m.•0 views

UBUNTU-CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References4

Debian CVE•added 2026/04/21 7:21 p.m.•1 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.3AI score0.00069EPSS

Exploits0

Cvelist•added 2026/04/21 7:21 p.m.•27 views

CVE-2026-33813 Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

0.00069EPSS

Exploits0References3

CVE•added 2026/04/21 7:21 p.m.•4 views

CVE-2026-33813

CVE-2026-33813 affects decoding of WEBP images in golang.org/x/image. The issue occurs when parsing a WEBP image with an invalid, large size on 32-bit platforms, causing a panic. Connected sources corroborate that this is a panic condition specific to large/invalid sizes on 32-bit architectures; ...

7.5CVSS5.8AI score0.00069EPSS

Exploits0References3Affected Software1