Lucene search
+L

877 matches found

CNNVD
CNNVD
added 2024/04/19 12:0 a.m.4 views

Jasper 安全漏洞

Jasper is a flexible and powerful GitHub issue reader from the Jasper open source. A security vulnerability exists in Jasper version 4.2.2, which stems from the presence of an Assertion Failure vulnerability that allows an attacker to cause a denial of service attack via a specific image file...

7.5CVSS6.8AI score0.00737EPSS
Exploits0References6
CVE
CVE
added 2024/03/27 12:0 a.m.108 views

CVE-2024-25580

The CVE-2024-25580 issue affects Qt, specifically in gui/util/qktxhandler.cpp, with potential buffer overflow leading to application crash when reading crafted KTX images. Affected products/versions include Qt before 5.15.17, Qt 6.x before 6.2.12, Qt 6.3.x–6.5.x before 6.5.5, and Qt 6.6.x before ...

6.2CVSS9.2AI score0.00321EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/03/27 12:0 a.m.25 views

CVE-2024-25580

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file...

9.6AI score0.00321EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/03/18 12:0 a.m.6 views

The vulnerability of the ImageIO component in operating systems such as iOS, iPadOS, tvOS, watchOS, macOS, and visionOS allows attackers to execute arbitrary code.

The vulnerability of the ImageIO component in iOS, iPadOS, tvOS, watchOS, macOS, and visionOS lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created image file...

10CVSS7.1AI score0.01247EPSS
Exploits0References11Affected Software6
Tenable Nessus
Tenable Nessus
added 2024/02/09 12:0 a.m.34 views

SUSE SLED15: avif-tools / gdk-pixbuf-loader-libavif / libavif-devel / libavif13 / etc (SUSE-SU-2024:0423-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0423-1 advisory. - CVE-2023-6704: Fixed use after free by not storing colorproperties until alpha item is found bsc1218303...

8.8CVSS7.3AI score0.00653EPSS
Exploits0References4
Prion
Prion
added 2024/01/23 11:15 p.m.33 views

Cross site scripting

Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...

4.9CVSS5.6AI score0.01448EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/04 12:0 a.m.37 views

FreeBSD : electron27 -- multiple vulnerabilities (d1b20e09-dbdf-432b-83c7-89f0af76324a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1b20e09-dbdf-432b-83c7-89f0af76324a advisory. - Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to...

8.8CVSS8.2AI score0.4351EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.7 views

The vulnerability of the LZWDecode function in the libtiff/tif_lzw.c component of the LibTIFF library, which allows a hacker to cause a service failure.

The vulnerability of the LZWDecode function in the libtiff/tiflzw.c component of the LibTIFF library is related to reading data beyond the allowable buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through a specially created TIF file...

7.1CVSS6.9AI score0.0122EPSS
Exploits1References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/12/18 12:0 a.m.30 views

Debian DSA-5579-1 : freeimage - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5579 advisory. Multiple vulnerabilities were discovered in FreeImage, a support library for graphics image formats, which could result in the execution of arbitrary code if...

7.8CVSS7.5AI score0.00903EPSS
Exploits1References9
Veracode
Veracode
added 2023/12/15 5:1 a.m.24 views

Use After Free

Chromium is vulnerable to Use After Free. The vulnerability is caused because of a User After Free error in libavif component. A remote attacker can exploit Heap Corruption via a crafted image file...

8.8CVSS6.5AI score0.00653EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/12/15 2:7 a.m.2 views

SUSE CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS7.1AI score0.00653EPSS
Exploits0References8
NVD
NVD
added 2023/12/14 10:15 p.m.24 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS0.00653EPSS
Exploits0References4
OSV
OSV
added 2023/12/14 10:15 p.m.30 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS6.2AI score
Exploits0References4
Prion
Prion
added 2023/12/14 10:15 p.m.23 views

Design/Logic Flaw

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

6.8CVSS7.2AI score0.00653EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/12/14 10:15 p.m.23 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS7.2AI score0.00653EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2023/12/14 9:48 p.m.34 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

8.8CVSS9.4AI score0.00653EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/12/14 9:48 p.m.25 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. Chromium security severity: High...

7AI score0.00653EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/25 12:0 a.m.24 views

Debian dla-3662 : libfreeimage-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3662 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3662-1 [email protected]...

7.8CVSS7.4AI score0.00903EPSS
Exploits1References8
BDU FSTEC
BDU FSTEC
added 2023/11/11 12:0 a.m.10 views

The vulnerability of the OpenImageIO image processing library, related to uncontrolled recursion, allows a hacker to cause a service failure.

The vulnerability of the OpenImageIO image processing library is related to uncontrolled recursion. Exploiting this vulnerability could allow a malicious actor to cause service interruptions through the use of a specially created image file...

7.8CVSS7.4AI score0.01344EPSS
Exploits1References8Affected Software4
RedHat Linux
RedHat Linux
added 2023/11/07 8:13 a.m.4 views

libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service

A vulnerability was found in LibTIFF, where a heap-based buffer overflow in the pal2rgb function in tools/pal2rgb.c can lead to a denial of service, a remote attacker could exploit this flaw by persuading a victim to open a specially crafted file, causing the application to crash...

8.8CVSS6.9AI score0.10639EPSS
Exploits1References4
Rows per page
Query Builder