USN-5227-2 pillow vulnerabilities
USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...
CVE-2021-45058
Adobe InDesign version 16.4 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPEG file...
CVE-2021-45930
A flaw was found in qtsvg's qsvghandler.cpp module. An attacker who is able to submit a crafted image file to an application that uses qsvghandler could cause an out-of-bounds write and potential denial of service to occur, depending on the application...
The vulnerability of Adobe Premiere Rush software, related to the execution of operations beyond buffer boundaries in memory, allows attackers to execute arbitrary code.
The vulnerability of Adobe Premiere Rush relates to the execution of operations beyond the buffer in memory when processing EPS/TIFF files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2021-43856
Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser e.g...
SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2022-33131)
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP Germany. The software supports publishing 2D and 3D scenes in all industry-standard desktop applications and supports separate installations as standalone executables and ActiveX spaces. SAP 3D Visual Enterprise Viewer version 9.0 is...
CVE-2021-44860
An out-of-bounds read vulnerability exists when reading a TIF file using Open Design Alliance Drawings SDK before 2022.12. The specific issue exists after loading TIF files. An unchecked input data from a crafted TIF file leads to an out-of-bounds read. An attacker can leverage this vulnerability...
CVE-2021-44183
Adobe Dimension versions 3.4.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
CVE-2021-43023
Adobe Premiere Rush version 1.5.16 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
CVE-2021-42069
When a user opens manipulated Tagged Image File Format .tif file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application...
Format string
When a user opens manipulated Tagged Image File Format .tif file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application...
CVE-2021-44005
A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code ...
PT-2021-5968 · Adobe · Premiere Pro
Name of the Vulnerable Software and Affected Versions: Adobe Premiere Pro versions 22.0 and earlier and 15.4.2 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Premiere Pro that could lead to disclosure of sensitive memory. An attacker could leverage...
CVE-2021-3802
A vulnerability was found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability...
CVE-2021-3802
CVE-2021-3802 affects the udisks2 component. The connected advisories describe a flaw where insecure defaults in user-accessible mount helpers allow mounting of a specially crafted image/file/USB to trigger a kernel panic, impacting availability. Public details across sources show multiple distro...
USN-5150-1 openexr vulnerability
It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash...
ILM OpenEXR Numeric Error Vulnerability
ILM OpenEXR is an image file format from Industrial Light and Magic (ILM) for high dynamic range (HDR) images. A security vulnerability exists in ILM OpenEXR that stems from OpenEXR incorrectly processing certain EXR image files. An attacker could exploit this issue to cause a crash...
Oracle Linux 8 : compat-exiv2-026 (ELSA-2021-4319)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-4319 advisory. 0.26-6 - Fix out-of-bounds read in Exiv2::Jp2Image::printStructure Resolves: bz1993283 - Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header...