Lucene search

55 matches found

AlmaLinux
added 2023/09/20 12:0 a.m. | 222 views

Important: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web...

8.8 CVSS | 9 AI score | 0.99739 EPSS
Exploits 9 | References 4

CNNVD
added 2023/09/05 12:0 a.m. | 2 views

ZPLGFA Input Validation Error Vulnerability

ZPLGFA is a Go package by individual developer Simon Waldherr. It converts PNG, JPEG and GIF encoded graphic files into ZPL-compatible ^GF (graphic field) elements. A security vulnerability exists in ZPLGFA version 1.1.1, which stems from allowing an attacker to cause a panic with a...

5.5 CVSS | 6.8 AI score | 0.00242 EPSS
Exploits 1 | References 1

CNNVD
added 2023/08/25 12:0 a.m. | 2 views

GIFLIB Security Vulnerability

GIFLIB is a library for reading and editing gif images. A security vulnerability exists in GIFLIB, which stems from a Segmentation Fault issue in getarg.c. The vulnerability is caused by the presence of a Segmentation Fault...

5.5 CVSS | 6.2 AI score | 0.00328 EPSS
Exploits 1 | References 6

BDU FSTEC
added 2023/03/28 12:0 a.m. | 4 views

The vulnerability of the GdkPixbuf image loading library, related to writing beyond the buffer’s boundaries, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GdkPixbuf image loading library is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through the use of a specially create...

9.3 CVSS | 7.6 AI score | 0.01891 EPSS
Exploits 1 | References 13 | Affected Software 3

SUSE CVE
added 2023/02/15 6:19 a.m. | 2 views

SUSE CVE-2005-0399

Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer...

5.1 CVSS | 8.2 AI score | 0.15116 EPSS
Exploits 4 | References 5

SUSE CVE
added 2023/02/15 6:9 a.m. | 3 views

SUSE CVE-2008-0554

Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484...

6.8 CVSS | 8.1 AI score | 0.04217 EPSS
Exploits 0 | References 5

SUSE CVE
added 2023/02/15 3:36 a.m. | 1 view

SUSE CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap buffer overflow when decoding the LZW-compressed stream of image data in GIF files with an LZW minimum code size equal to 12...

7.8 CVSS | 7.4 AI score | 0.01891 EPSS
Exploits 1 | References 5

SUSE CVE
added 2023/02/15 3:35 a.m. | 3 views

SUSE CVE-2022-0534

A vulnerability was found in htmldoc version 1.9.15 where a stack out-of-bounds read takes place in gifgetcode and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault)...

6.1 CVSS | 6.7 AI score | 0.00925 EPSS
Exploits 1 | References 6

BDU FSTEC
added 2022/08/24 12:0 a.m. | 4 views

The vulnerability of the decompress.c component in the HDF5 libhdf5 library allows a hacker to execute arbitrary code on the target system.

The vulnerability of the decompress.c component in the HDF5 libhdf5 library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code on the target system by having the user open a specially created malicious GIF...

7.8 CVSS | 7.9 AI score | 0.00589 EPSS
Exploits 1 | References 5 | Affected Software 3

OSV
added 2022/05/16 5:15 p.m. | 2 views

UBUNTU-CVE-2022-25169

The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files...

5.5 CVSS | 6.4 AI score | 0.02027 EPSS
Exploits 0 | References 3

ATTACKERKB
added 2022/02/18 8:15 p.m. | 2 views

CVE-2022-24055

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5 CVSS | 4 AI score | 0.0144 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2021/09/20 12:0 a.m. | 4 views

The vulnerability of the GdkPixbuf image loading library, related to writing beyond the buffer’s boundaries, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GdkPixbuf image loading library is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through the use of a specially create...

8.8 CVSS | 7.6 AI score | 0.02346 EPSS
Exploits 0 | References 5 | Affected Software 3

CNNVD
added 2021/08/10 12:0 a.m. | 4 views

Xfig fig2dev Buffer Error Vulnerability

fig2dev is used to convert .fig files to various graphics languages and formats. A buffer overflow vulnerability exists in the setcolor component of genge.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to ge format...

5.5 CVSS | 6 AI score | 0.00826 EPSS
Exploits 1 | References 4

OSV
added 2021/07/13 11:15 a.m. | 2 views

CVE-2021-34295

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Gifloader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an...

7.8 CVSS | 7.2 AI score | 0.01574 EPSS
Exploits 0 | References 2

OSV
added 2021/06/09 2:15 p.m. | 2 views

CVE-2021-33659

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

5.5 CVSS | 5.8 AI score | 0.00561 EPSS
Exploits 0 | References 2

OSV
added 2021/03/31 2:15 p.m. | 3 views

CVE-2021-21782

An out-of-bounds write vulnerability exists in the SGI format buffer size processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

8.8 CVSS | 6 AI score | 0.01257 EPSS
Exploits 1 | References 1

Positive Technologies
added 2021/03/31 12:0 a.m. | 4 views

PT-2021-14768 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.8 Description: An out-of-bounds write issue exists in the SGI format buffer size processing functionality. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious fil...

9.8 CVSS | 9.2 AI score | 0.01257 EPSS
Exploits 1 | References 2

CNNVD
added 2021/03/30 12:0 a.m. | 3 views

Accusoft ImageGear Buffer Error Vulnerability

Accusoft ImageGear is a multi-platform, multi-language document imaging developer toolkit. An out-of-bounds write vulnerability exists in the SGI format buffer size handling feature of Accusoft ImageGear 19.8. An attacker can exploit the vulnerability by supplying a specially crafted malicious fi...

9.8 CVSS | 5.9 AI score | 0.01257 EPSS
Exploits 1 | References 2

CNNVD
added 2021/03/04 12:0 a.m. | 4 views

hwcomposer Security Vulnerability

Samsung hwcomposer is a mobile application from Samsung South Korea. It provides video conversion format functionality. A security vulnerability exists in hwcomposer prior to SMR Mar-2021 Release 1, which stems from a graphics format mismatch when hwcomposer converts video formats...

5.5 CVSS | 5.8 AI score | 0.00119 EPSS
Exploits 0 | References 3

OSV
added 2020/10/13 5:15 p.m. | 2 views

CVE-2020-17410

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8 CVSS | 7.5 AI score | 0.08644 EPSS
Exploits 0 | References 2