Lucene search
+L

148 matches found

OSV
OSV
added 2021/01/07 2:10 p.m.5 views

USN-4686-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary co...

8.8CVSS6.8AI score0.04973EPSS
Exploits4References10
CNVD
CNVD
added 2020/09/09 12:0 a.m.4 views

Microsoft Microsoft Windows Codecs Library Remote Code Execution Vulnerability (CNVD-2021-01043)

Microsoft Windows is an operating system for personal devices from Microsoft.DirectX is a multimedia system library. A remote code execution vulnerability exists in the Microsoft Windows Codecs Library. The vulnerability can be exploited to obtain information via specially crafted image files,...

8.8CVSS7.8AI score0.03758EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2020/07/01 12:25 p.m.7 views

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws

Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users. To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly 'Patch Tuesday...

7.8CVSS7.9AI score0.123EPSS
Exploits0
CNVD
CNVD
added 2020/04/16 12:0 a.m.4 views

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.Microsoft Windows Codecs Library is one of the audio and video file codecs...

7.8CVSS8.5AI score0.02065EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:16 a.m.19 views

Denial Of Service(DoS)

The GIMP GNU Image Manipulation Program is vulnerable to Denial Of ServiceDoS. An attacker could create a carefully crafted image file that could cause The GIMP to crash or possibly execute arbitrary code if the file was opened by a victim...

4.3CVSS4.1AI score0.02621EPSS
Exploits0References14Affected Software1
RedHat Linux
RedHat Linux
added 2020/02/20 10:18 p.m.5 views

python-pillow: reading specially crafted image files leads to allocation of large amounts of memory and denial of service

A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to this flaw...

7.5CVSS7AI score0.03154EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.38 views

EulerOS 2.0 SP2 : exiv2 (EulerOS-SA-2019-2375)

According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-bas...

7.5CVSS6.5AI score0.03098EPSS
Exploits15References20
Tenable Nessus
Tenable Nessus
added 2019/11/27 12:0 a.m.33 views

EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2019-2277)

According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer over-read via a...

6.5CVSS6.4AI score0.0273EPSS
Exploits4References6
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.5 views

The vulnerability of the QuantumTransferMode function (coders/tiff.c), a cross-platform library for working with graphics, allows a hacker to trigger a service failure.

The vulnerability of the QuantumTransferMode function coders/tiff.c in the cross-platform library for working with graphics in GraphicsMagick is related to a buffer overflow vulnerability. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created...

5.5CVSS7.2AI score0.01932EPSS
Exploits0References7Affected Software2
CNVD
CNVD
added 2019/11/06 12:0 a.m.7 views

LEAD Technologies LEADTOOLS Numeric Error Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. A numeric error vulnerability exists in the CMP parsing function in LEAD Technologies LEADTOOLS. The vulnerability can be exploited to execute code via specially crafted CMP image files...

8.8CVSS7.5AI score0.02038EPSS
Exploits1References1
CNVD
CNVD
added 2019/11/05 12:0 a.m.12 views

Investintech Able2Extract Professional Memory Corruption Vulnerability (CNVD-2019-40117)

Investintech Able2Extract Professional is a PDF document converter and editor from Investintech Canada. The product supports PDF document scanning, PDF editing and PDF viewing. Investintech Able2Extract Professional suffers from a memory corruption vulnerability that can be exploited by attackers...

8.8CVSS8AI score0.01955EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2019/10/01 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-4143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.03299EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2019/10/01 12:0 a.m.32 views

Ubuntu 16.04 LTS / 18.04 LTS : SDL 2.0 vulnerabilities (USN-4143-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4143-1 advisory. It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicio...

8.8CVSS7AI score0.03299EPSS
Exploits6References6
OSV
OSV
added 2019/09/30 3:5 p.m.6 views

USN-4143-1 SDL 2.0 vulnerabilities

It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicious file, SDL 2.0 could be caused to crash or potentially run arbitrary code. CVE-2017-2888 It was discovered that SDL 2.0 mishandled crafted image files. If...

8.8CVSS6.9AI score0.03299EPSS
Exploits6References6
UbuntuCve
UbuntuCve
added 2018/09/16 12:0 a.m.29 views

CVE-2018-17101

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service application crash or possibly have unspecified other impact via a crafted image file...

8.8CVSS6.8AI score0.03156EPSS
Exploits0References3
OSV
OSV
added 2018/09/13 12:29 a.m.1 views

CVE-2018-8475

A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serve...

8.8CVSS7.9AI score0.14646EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/09/06 10:0 p.m.38 views

CVE-2018-16643

The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image...

6.5CVSS7.2AI score0.0308EPSS
Exploits0
OSV
OSV
added 2018/03/09 7:29 p.m.15 views

CVE-2018-7998

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vipsregiongenerate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race conditi...

7.5CVSS7.9AI score
Exploits0References3
Packet Storm
Packet Storm
added 2018/02/27 12:0 a.m.45 views

ActivePDF Toolkit Code Execution

ActivePDF Toolkit 8.1.0 multiple RCE Introduction ============ The ActivePDF Toolkit is a Windows library which enhances business processes to stamp, stitch, merge, form-fill, add digital signatures, barcodes to PDF. Both .NET and native APIs are provided. Amongst many other operations, this...

9.2AI score0.12542EPSS
Exploits5
OSV
OSV
added 2018/02/12 10:29 p.m.7 views

PYSEC-2018-124

In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...

6.5CVSS6.2AI score
Exploits0References2
Rows per page
Query Builder