USN-5081-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. CVE-2020-17507 It was discovered that Qt incorrectly handled...

UBUNTU-CVE-2020-21048

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service DOS via a crafted PNG file...

Emby Server <= 4.7.6.0 Information Disclosure Vulnerability

Emby Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2021-2334)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage of...

Updated exiv2 packages fix security vulnerabilities

The updated exiv2 packages fix security vulnerabilities: An assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a...

GHSA-HXJ6-V58R-CQV3 Cross Site Scripting in Subrion CMS

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

Cross Site Scripting in Subrion CMS

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

Ubuntu: Security Advisory (USN-5060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5060-2 ntfs-3g vulnerabilities

USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary co...

USN-5060-2: NTFS-3G vulnerabilities

USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary co...

USN-5060-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code...

USN-5060-1 ntfs-3g vulnerabilities

It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code...

Debian DLA-2750-1 : exiv2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2750 advisory. Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or...

DEBIAN-CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

UBUNTU-CVE-2020-18774

A float point exception in the printLong function in tagsint.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

ILM OpenEXR 输入验证错误漏洞

Industrial Light and Magic OpenEXR is an image file format from Industrial Light and Magic for High Dynamic Range HDR images. A security vulnerability exists in Industrial Light and Magic OpenEXR, which can be exploited by an attacker to cause a denial of service. The following products and...

Denial Of Service (DoS)

Exiv2 is vulnerable to denial of service. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if th...

Denial Of Service

Exiv2 is vulnerable to denial of service. An attacker may crash a system by injecting a crafted image file...

Denial Of Service (DoS)

Exiv2 is vulnerable to Denial Of Service DoS. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of...

Denial Of Service (DoS)

Exiv2 is vulnerable to denial of service. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a deni...