CVE-2022-41195

SAP 3D Visual Enterprise Viewer (version 9) is affected by CVE-2022-41195 due to memory management flaws that can cause remote code execution when a manipulated IFF/2d.x3d file is opened. The vulnerability is described as a stack-based overflow or re-use of a dangling pointer referencing overwrit...

CVE-2022-41195

Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format .iff, 2d.x3d file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-bas...

SAP 3D Visual Enterprise Viewer 缓冲区错误漏洞

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable program and ActiveX space. A buffer overflow vulnerability...

tesseract 数字错误漏洞

tesseract is an open source OCR Optical Character Recognition engine. A numeric error vulnerability exists in the Leptonica linked library v1.79.0 in tesseract v5.0.0, which can be exploited by an attacker to cause an arithmetic anomaly via a specially crafted JPEG file, leading to a denial of...

UBUNTU-CVE-2022-1354

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service...

CVE-2022-0284

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format TIFF image to convert it into a PICON file format. This issue can potentially lead to a...

CVE-2022-0284

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format TIFF image to convert it into a PICON file format. This issue can potentially lead to a...

CVE-2022-0284

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format TIFF image to convert it into a PICON file format. This issue can potentially lead to a...

WordPress plugin Uploading SVG, WEBP and ICO files 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1486 HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability August 16, 2022 CVE Number CVE-2022-25942 SUMMARY An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to cod...

Exploit for Out-of-bounds Write in Sonicwall Sma_200_Firmware

SonicWallSSL-VPNRCE CVE-2021-20038...

PT-2022-19893 · Estsoft · Estsoft Alyac

Name of the Vulnerable Software and Affected Versions: ESTsoft Alyac version 2.5.8.544 Description: An integer overflow issue exists in the way ESTsoft Alyac parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execution. An attacke...

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-pelletier-toml-2-2.0.0~beta.8-5.fc36

Go library for the TOML file format...

UBUNTU-CVE-2022-34526

A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities...

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for libtiff (FEDORA-2022-edf7301147)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2022-35171

When a user opens manipulated JPEG 2000 .jp2, jp2k.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant...

Siemens Simcenter Femap和Siemens Parasolid 缓冲区错误漏洞

Simcenter Femap is an advanced simulation application for creating, editing, and inspecting finite element models of complex products or systems. parasolid is a 3D geometric modeling tool that supports a variety of techniques, including solid modeling, direct editing, and freeform/sheet modeling...

Fedora: Security Advisory for golang-github-pelletier-toml-2 (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...