[SECURITY] Fedora 33 Update: python-pillow-7.2.0-6.fc33
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (developme...
Cisco Webex Network Recording Player Buffer Error Vulnerability
Cisco Webex Network Recording Player is a player for playing video conference recordings from Cisco. Cisco WebEx Network Recording Player suffers from a buffer error vulnerability that originates from a boundary error when processing ARF and WRF files. A remote attacker could exploit this...
DjVuLibre Denial of Service Vulnerability
DjVuLibre is an open source implementation of the DjVu computer file format, which includes a DjVu file viewer, browser plug-in, DjVu file decoder/encoder and other utilities. DjVuLibre suffers from a denial-of-service vulnerability that could be exploited by an attacker to cause an application to...
CVE-2021-31436
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Studio Photo Buffer Error Vulnerability
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit. An out-of-bounds write vulnerability exists in Foxit Studio Photo version 3.6.6.931 when parsing JPM files. The vulnerability stems from the program not properly validating user input. An attacker can...
Remote Code Execution (RCE)
perl-image-exiftool is vulnerable to remote code execution. A lack of proper neutralization of user data in the DjVu file format in ExifTool allows an attacker to execute arbitrary code by sending a malicious image (jpg, tiff, mp4 and many more...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
DEBIAN-CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
Input validation
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
WordPress Code Issue Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Backup and Migrate Plugin Backup Guard...
PT-2021-5828
Name of the Vulnerable Software and Affected Versions: ExifTool versions 7.44 and up. Description: The issue is related to improper neutralization of user data in the DjVu file format, allowing arbitrary code execution when parsing malicious images. This could enable a remote attacker to access...
[SECURITY] Fedora 34 Update: python-pillow-8.1.2-1.fc34
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (developme...
FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER (BitCount) Stack Based Buffer Overflow Exploit
Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...
Pillow Buffer Error Vulnerability
Pillow is a Python-based image processing library. A buffer overflow vulnerability exists in Pillow Tiff image file processing, which can be exploited by remote attackers to submit special file requests that trick users into parsing, which can crash the application or execute arbitrary code in the...
Libtiff Integer Overflow Vulnerability
Libtiff is a library for reading and writing Tagged Image File Format (abbreviated TIFF) files. An integer overflow vulnerability exists in tifgetimage.c in libtiff. An attacker can exploit this vulnerability to inject and execute arbitrary code via specially crafted TIFF files...
CVE-2021-27586
When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application...
CVE-2021-27586
When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application...
CVE-2021-27590
SAP 3D Visual Enterprise Viewer 9 is affected by CVE-2021-27590 via TIFF parsing, described as an out-of-bounds write that can lead to remote code execution. The ZDI advisory specifies that exploitation requires user interaction (opening a crafted TIFF/file), enabling code execution in the contex...