Lucene search
+L

148 matches found

OSV
OSV
added 2018/02/01 3:36 p.m.6 views

SUSE-SU-2018:0339-1 Security update for jasper

This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jasrealloc function in base/jasmalloc.c and memresize function in base/jasstream.c allow remote attackers to cause a denial of service via a crafted image, which triggers u...

7.5CVSS6.5AI score0.04414EPSS
Exploits0References19
CNVD
CNVD
added 2017/12/04 12:0 a.m.4 views

LibTIFF Denial of Service Vulnerability (CNVD-2017-38251)

Libtiff is a library for reading and writing Tagged Image File Format abbreviated TIFF files. A denial of service vulnerability exists in tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9. A remote attacker could cause a denial of service TIFFSetupStrips heap buffer overflow and application crash by...

8.8CVSS7.3AI score0.10639EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/13 12:0 a.m.5 views

XnView Classic for Windows Arbitrary Code Execution Vulnerability (CNVD-2017-32593)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A security vulnerability exists in version 2.40 of XnView Classic for Windows...

7.8CVSS7.9AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2017/09/11 6:29 p.m.6 views

CVE-2017-14290

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Heap Corruption starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

7.8CVSS6.1AI score0.00373EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/24 12:0 a.m.7 views

ImageMagick Denial of Service Vulnerability (CNVD-2017-25056)

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A denial-of-service vulnerability exists in ImageMagick's handling of PNG files, which allows remote attackers to exploit the vulnerability to construct malicious files and trick users into...

6.5CVSS7AI score0.01811EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/06 12:0 a.m.5 views

XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-14637)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.40 of XnView Classic for...

7.8CVSS7.9AI score0.01556EPSS
Exploits0References1
OSV
OSV
added 2017/07/05 8:29 p.m.7 views

CVE-2017-9913

XnView Classic for Windows Version 2.40 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!TpAllocCleanupGroup+0x00000000000003d7."...

7.8CVSS5.9AI score0.00988EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/06/07 12:0 a.m.18 views

GLSA-201706-06 : ImageWorsener: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201706-06 ImageWorsener: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ImageWorsener. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to...

8.8CVSS6.4AI score0.02569EPSS
Exploits1References10
OSV
OSV
added 2017/03/15 7:59 p.m.7 views

CVE-2015-8898

The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted image file...

5.5CVSS7.6AI score
Exploits0References12
OSV
OSV
added 2017/01/20 3:59 p.m.3 views

ALPINE-CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack crash via a crafted TIFF file...

6.5CVSS6.9AI score0.01962EPSS
Exploits0References1
OSV
OSV
added 2016/11/04 10:59 a.m.4 views

DEBIAN-CVE-2016-9190

Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...

7.8CVSS9.5AI score0.02026EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/10/31 12:0 a.m.37 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)

This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8684: Mismatch between real filesize...

9.8CVSS6.8AI score0.04885EPSS
Exploits5References125
FreeBSD
FreeBSD
added 2015/10/09 12:0 a.m.32 views

optipng -- multiple vulnerabilities

ifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file. The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory...

9.3CVSS7.9AI score0.04426EPSS
Exploits2
CNVD
CNVD
added 2015/08/12 12:0 a.m.3 views

LEMON-S PHP Gazou BBS plus Arbitrary File Upload Vulnerability

LEMON-S PHP Gazou BBS plus is a free PHP-based electronic bulletin board system BBS. A security vulnerability exists in LEMON-S PHP Gazou BBS plus 2.35 and earlier versions. The vulnerability can be exploited by remote attackers to upload arbitrary HTML documents using specially crafted image fil...

5CVSS7.1AI score0.01344EPSS
Exploits0References1
OSV
OSV
added 2014/11/21 12:44 p.m.10 views

MGASA-2014-0473 Updated ffmpeg packages fix security vulnerabilities

A heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFmpeg before 1.1.14 can cause a crash, allowing a malicious image file to cause a denial of service CVE-2014-5271. libavcodec/iff.c in FFmpeg before 1.1.14 allows an attacker to have an unspecified impact...

7.5CVSS6.6AI score0.04697EPSS
Exploits0References6
OSV
OSV
added 2014/11/21 12:44 p.m.8 views

MGASA-2014-0464 Updated ffmpeg packages fix security vulnerabilities

A heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFmpeg before 2.0.6 can cause a crash, allowing a malicious image file to cause a denial of service CVE-2014-5271. libavcodec/iff.c in FFmpeg before 2.0.6 allows an attacker to have an unspecified impact v...

7.5CVSS9.8AI score0.04697EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/11/06 4:59 p.m.4 views

php: heap corruption issue in exif_thumbnail()

A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application...

6.8CVSS7.8AI score0.22633EPSS
Exploits1References4
Cvelist
Cvelist
added 2012/06/05 10:0 p.m.29 views

CVE-2012-0247

ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image...

8.4AI score0.03816EPSS
Exploits0References15
NVD
NVD
added 2010/08/24 10:0 p.m.11 views

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...

6.8CVSS7.4AI score0.01914EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2010/08/24 8:0 p.m.67 views

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via 1 a crafted TIFF file, related to the gdiploadtiffimage function in tiffcodec.c; 2 a crafted JPEG file, related to the gdiploadjpegimageinternal function in jpegcodec.c; or 3 a crafted B...

6.8CVSS7.4AI score0.01914EPSS
Exploits0
Rows per page
Query Builder