[SECURITY] Fedora 35 Update: python-pillow-8.3.2-3.fc35

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

Fedora: Security Advisory for libtiff (FEDORA-2022-c39720a0ed)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Accusoft ImageGear 缓冲区错误漏洞

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. Accusoft ImageGear suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to potentially cause memory corruption via a compiled file in the wrong format...

CVE-2021-44210

OX App Suite through 7.10.5 allows XSS via NIFF Notation Interchange File Format data...

Format string

OX App Suite through 7.10.5 allows XSS via NIFF Notation Interchange File Format data...

CVE-2021-44210

OX App Suite (Open-Xchange) up to version 7.10.5 is affected by a Cross-Site Scripting flaw in the frontend triggered via NIFF data. Publicly documented details indicate the vulnerable version is 7.10.5 with a fix in 7.10.5-rev26. Impact involves executing script in the victim’s context through N...

[SECURITY] Fedora 36 Update: python-pillow-9.0.1-5.fc36

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

[SECURITY] Fedora 36 Update: podofo-0.9.7-7.fc36

PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...

Silicon Graphics LibTIFF 缓冲区错误漏洞

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in Silicon Graphics LibTIFF. An attacker can force to read an...

Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...

OESA-2022-1586 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

...

CVE-2021-40740

Adobe Audition version 14.4 and earlier is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

DEBIAN-CVE-2022-0891

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...

CVE-2022-24457

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2021-26259

A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in rendertablerow,in ps-pdf.cxx may lead to arbitrary code execution and denial of service...

ok-file-formats 缓冲区错误漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and several other file formats. ok-file-formats 203defd suffers from a buffer error vulnerability that allows an attacker to trigger a buffer overflow via the function okpngtransformscanline in /okpng.c:494...

FileCloud 21.2 Cross Site Request Forgery

Exploit Title: FileCloud 21.2 - Cross-Site Request Forgery CSRF Date: 2022-02-20 Exploit Author: Masashi Fujiwara Vendor Homepage: https://www.filecloud.com/ Software Link: https://hub.docker.com/r/filecloud/filecloudserver21.2 Version: All versions of FileCloud prior to 21.3 Fiexd: version...

CVE-2021-46625

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

CVE-2021-46597

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...