Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
image zoom vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-41619
Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a up to and including 1.8.8.
Sedlex Image Zoom
5.5
CVSSv3
CVE-2023-42883
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service.
Apple Macos
Apple Safari
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.5
CVSSv3
CVE-2023-30200
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack.
Advancedplugins Ultimateimagetool
9.8
CVSSv3
CVE-2021-34416
The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom on-pre...
Zoom Meeting Connector
Zoom Recording Connector
Zoom Virtual Room Connector
Zoom Virtual Room Connector Load Balancer
1 Article
7.2
CVSSv3
CVE-2021-34414
The network proxy page on the web portal for the Zoom on-premise Meeting Connector Controller before version 4.6.348.20201217, Zoom on-premise Meeting Connector MMR before version 4.6.348.20201217, Zoom on-premise Recording Connector before version 3.8.42.20200905, Zoom on-premis...
Zoom Meeting Connector
Zoom Recording Connector
Zoom Virtual Room Connector
Zoom Virtual Room Connector Load Balancer
1 Article
5.3
CVSSv3
CVE-2021-24447
The WP Image Zoom WordPress plugin prior to 1.47 did not validate its tab parameter before using it in the include_once() function, leading to a local file inclusion issue in the admin dashboard
Silkypress Wp Image Zoom
6.5
CVSSv3
CVE-2018-1000510
WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Can be triggered intentionally (or unintentionally via CSRF) by any logged in user....
Silkypress Image Zoom 1.23
NA
CVE-2005-3178
Buffer overflow in xloadimage 4.1 and previous versions, and xli, might allow user-assisted malicious users to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
Xli Xli
Xloadimage Xloadimage
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started