
13 matches found

Vulnrichment
added 2026/05/27 5:31 a.m. | 10 views

CVE-2026-8899 Auto Thumbnails <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Auto Thumbnail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'thumbnails' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on the shortcode's 'width' and 'height' attributes in the athnthumbnail...

CVSS 6.4 | AI score 6 | EPSS 0.00198
Exploits: 0 | References: 3

EUVD
added 2025/12/16 9:30 p.m. | 3 views

EUVD-2025-203843

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

AI score 7 | EPSS 0.0034
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:11 a.m. | 3 views

SUSE CVE-2015-8663

The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file...

CVSS 8.3 | AI score 7.5 | EPSS 0.01913
Exploits: 0 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m. | 19 views

Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2019-2426)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.5 | AI score 5.9 | EPSS 0.01926
Exploits: 2 | References: 2

OSV
added 2017/11/12 6:29 p.m. | 0 views

UBUNTU-CVE-2017-16797

In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified othe...

CVSS 7.8 | AI score 6 | EPSS 0.01192
Exploits: 0 | References: 3

OSV
added 2017/08/07 4:53 p.m. | 5 views

USN-3380-1 freerdp vulnerabilities

It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...

CVSS 8.8 | AI score 7.1 | EPSS 0.0367
Exploits: 7 | References: 9

BDU FSTEC
added 2017/07/06 12:0 a.m. | 7 views

The vulnerability of the `gdImageWebPtr` function in the GD Graphics Library allows attackers to exert undefined effects.

The vulnerability of the gdImageWebPtr function in the GD Graphics Library is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker, operating remotely, to cause unpredictable effects by using large values for width and height...

CVSS 7.5 | AI score 7.7 | EPSS 0.04449
Exploits: 0 | References: 3 | Affected Software: 2

Prion
added 2017/03/15 7:59 p.m. | 12 views

Out-of-bounds

tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values...

CVSS 4.3 | AI score 5.2 | EPSS 0.01926
Exploits: 1 | References: 6 | Affected Software: 2

OSV
added 2017/01/26 3:59 p.m. | 24 views

CVE-2016-6912

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...

CVSS 9.8 | AI score 7.6
Exploits: 0 | References: 4

UbuntuCve
added 2017/01/26 12:0 a.m. | 33 views

CVE-2016-6912

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...

CVSS 9.8 | AI score 7.3 | EPSS 0.04449
Exploits: 0 | References: 3

BDU FSTEC
added 2016/02/12 12:0 a.m. | 6 views

The vulnerability of the FFmpeg multimedia library, which allows an intruder to trigger a service failure or cause other effects

The vulnerability of the FFmpeg multimedia library exists due to the retention of width and height parameters after a failure. Exploiting this vulnerability can allow a malicious actor to cause service interruptions or potentially have other effects using a specially created .mov file...

CVSS 7.5 | AI score 7.5 | EPSS 0.01913
Exploits: 0 | References: 2 | Affected Software: 1

RedhatCVE
added 2015/10/30 10:33 a.m. | 23 views

CVE-2002-2061

Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel...

CVSS 7.5 | AI score 8.7 | EPSS 0.03494
Exploits: 0 | References: 2

Cvelist
added 2005/04/16 4:0 a.m. | 15 views

CVE-2005-1142

Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values...

AI score 8.1 | EPSS 0.03145
Exploits: 1 | References: 2