Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gig vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2017-12951
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.
Libgig0 Libgig 4.0.0
1 EDB exploit
435
VMScore
CVE-2017-12952
The LoadString function in helper.h in libgig 4.0.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.
Libgig0 Libgig 4.0.0
1 EDB exploit
435
VMScore
CVE-2017-12953
The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote malicious users to cause a denial of service (invalid memory write and application crash) via a crafted gig file.
Libgig0 Libgig 4.0.0
1 EDB exploit
435
VMScore
CVE-2012-4242
Cross-site scripting (XSS) vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the query string to the calendar page.
Mf Gig Calendar Project Mf Gig Calendar 0.9.2
1 EDB exploit
383
VMScore
CVE-2021-24510
The MF Gig Calendar WordPress plugin prior to 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue
Mf Gig Calendar Project Mf Gig Calendar
NA
CVE-2024-3755
The MF Gig Calendar WordPress plugin up to and including 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for examp...
NA
CVE-2024-3756
The MF Gig Calendar WordPress plugin up to and including 1.2.1 does not have CSRF checks in some places, which could allow malicious users to make logged in Contributors and above delete arbitrary events via a CSRF attack
NA
CVE-2024-33651
Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a up to and including 1.2.1.
NA
CVE-2023-50842
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar: from n/a up to and including 1.2.1.
Mf Gig Calendar Project Mf Gig Calendar
NA
CVE-2023-37970
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Matthew Fries MF Gig Calendar plugin <= 1.2 versions.
Mf Gig Calendar Project Mf Gig Calendar
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2