Lucene search
K

184 matches found

CNNVD
CNNVD
added 2024/01/11 12:0 a.m.3 views

WordPress Plugin Ibtana Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS8.3AI score0.00436EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-15049 · WordPress · Ibtana

Name of the Vulnerable Software and Affected Versions: Ibtana – WordPress Website Builder plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is related to Stored Cross-Site Scripting via the 'ive' shortcode due to insufficient input sanitization and output escaping o...

6.4CVSS5.5AI score0.00436EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/14 3:24 p.m.7 views

kernel: fbcon: shift-out-of-bounds in fbcon_set_font()

A flaw was found in the Framebuffer Console fbcon in the Linux Kernel. When providing a font-width and font-height greater than 32 to the fbconsetfont, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service...

5.5CVSS6.6AI score0.00206EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.8 views

kernel: fbcon: shift-out-of-bounds in fbcon_set_font()

A flaw was found in the Framebuffer Console fbcon in the Linux Kernel. When providing a font-width and font-height greater than 32 to the fbconsetfont, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service...

5.5CVSS6.6AI score0.00206EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/09/02 1:54 a.m.4 views

SUSE CVE-2023-39352

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values rect-left and rect-top are exactly equal to surface-width and...

5.3CVSS9.4AI score0.01297EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/08/18 12:15 a.m.4 views

CVE-2023-39125

NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmprw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well tested program, it's just something to demonstrate it works and fo...

7.5CVSS7.1AI score0.00612EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/08/17 12:0 a.m.5 views

PT-2023-26793 · Ntsc-Crt · Ntsc-Crt

Name of the Vulnerable Software and Affected Versions: NTSC-CRT version 2.2.1 Description: The issue is related to an integer overflow and out-of-bounds write in the loadBMP function in bmp rw.c. This occurs because the file's width, height, and BPP are not validated. The vendor notes that the ma...

7.5CVSS7.5AI score0.00612EPSS
Exploits1References7
OSV
OSV
added 2023/06/12 8:15 p.m.14 views

AZL-27192 CVE-2023-3161 affecting package kernel for versions less than 5.15.116.1-2

A flaw was found in the Framebuffer Console fbcon in the Linux Kernel. When providing font-width and font-height greater than 32 to fbconsetfont, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that stems from a flaw in the frame buffer console fbcon that fails to properly check fbconsetfont when provided...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.2 views

SUSE CVE-2004-0994

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the readprffile function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify...

10CVSS8.1AI score0.05149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.4 views

SUSE CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

9.3CVSS8.4AI score0.06742EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.4 views

SUSE CVE-2008-1379

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

6.8CVSS7.2AI score0.01387EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.3 views

SUSE CVE-2009-2347

Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large 1 width and 2 height values, which triggers a heap-based buffer overflow in the a cvtwholeimage...

9.3CVSS8.3AI score0.04152EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.4 views

SUSE CVE-2016-6912

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...

9.8CVSS7.4AI score0.04449EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-5849

tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service out-of-bounds read and write via a crafted tiff image file, related to transposing width and height values...

4.4CVSS6.7AI score0.01926EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.5 views

SUSE CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

5.3CVSS7.3AI score0.02221EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-16797

In SWFTools 0.9.2, the pngload function in lib/png.c does not properly validate an alloclen64 multiplication of width and height values, which allows remote attackers to cause a denial of service integer overflow, heap-based buffer overflow, and application crash or possibly have unspecified othe...

7.8CVSS7.6AI score0.01192EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.4 views

SUSE CVE-2019-13962

lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...

9.8CVSS8.1AI score0.036EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.3 views

SUSE CVE-2021-4207

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...

7.5CVSS7.6AI score0.00399EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2023/01/09 2:50 p.m.4 views

grub2: Heap based out-of-bounds write when redering certain unicode sequences

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

7.1CVSS7.3AI score0.00872EPSS
Exploits0References5
Rows per page
Query Builder