1070 matches found
SUSE CVE-2017-16797
In SWFTools 0.9.2, the pngload function in lib/png.c does not properly validate an alloclen64 multiplication of width and height values, which allows remote attackers to cause a denial of service integer overflow, heap-based buffer overflow, and application crash or possibly have unspecified othe...
SUSE CVE-2017-16794
The pngload function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file, as demonstrated by an erroneous...
SUSE CVE-2018-12359
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60,...
SUSE CVE-2019-13962
lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...
SUSE CVE-2021-4207
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...
SUSE CVE-2021-4216
A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream...
SUSE CVE-2022-21733
Tensorflow is an Open Source Machine Learning Framework. The implementation of StringNGrams can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on padwitdh and that result in computing a negative value for...
SUSE CVE-2022-29211
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain Not a Number NaN elements. The implementation assumes that all floating point operation...
SUSE CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
CVE-2015-10075
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...
Cross site scripting
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...
CVE-2015-10075 Custom-Content-Width custom-content-width.php register_settings cross site scripting
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...
CVE-2015-10075
Summary of CVE-2015-10075 / Custom-Content-Width : The vulnerability affects the Custom-Content-Width 1.0 plugin, specifically the function override_content_width/register_settings in custom-content-width.php. The issue allows remote cross-site scripting (XSS) due to the underlying handling in th...
A flaw was found in libXpm. When processing a file with width of 0 and a very large height some parser functions will be called repeatedly and can lead to an infinite loop resulting in a Denial of Service in the application linked to the library.
...
Custom Content Width 跨站脚本漏洞
Custom Content Width is an application by George Stephanis Personal Developer. Add custom content width settings to settings to allow users to override the content width of their theme. A cross-site scripting vulnerability exists in Custom Content Width version 1.0, which stems from a problem wit...
PT-2023-10254 · Unknown · Custom-Content-Width
Name of the Vulnerable Software and Affected Versions: Custom-Content-Width version 1.0 Description: A vulnerability was found in Custom-Content-Width, affecting the function override content width/register settings of the file custom-content-width.php. This issue leads to cross-site scripting an...
AZL-13230 CVE-2022-44617 affecting package libXpm for versions less than 3.5.17-1
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
ALPINE-CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
DEBIAN-CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...