Search Results | AttackerKB

Show filters

Topics 34 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

34 Total Results

Displaying 1-10 of 34

Attacker Value

Unknown

CVE-2024-24399

Disclosure Date: January 25, 2024 (last updated April 01, 2024)

An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated attackers to execute arbitrary PHP code by uploading this code to the backend/languages/index.php languages area.

Attack Vector: Network Privileges: High User Interaction: None

0

Attacker Value

Unknown

CVE-2020-24872

Disclosure Date: August 11, 2023 (last updated October 08, 2023)

Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-4104

Disclosure Date: November 28, 2022 (last updated February 24, 2025)

A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-38266

Disclosure Date: September 09, 2022 (last updated February 24, 2025)

An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-26181

Disclosure Date: February 28, 2022 (last updated February 23, 2025)

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2020-36281

Disclosure Date: March 12, 2021 (last updated February 22, 2025)

Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-36280

Disclosure Date: March 12, 2021 (last updated February 22, 2025)

Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-36279

Disclosure Date: March 12, 2021 (last updated February 22, 2025)

Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-36278

Disclosure Date: March 12, 2021 (last updated February 22, 2025)

Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2020-36277

Disclosure Date: March 11, 2021 (last updated February 22, 2025)

Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.

Attack Vector: Network Privileges: None User Interaction: None

0