CVE-2020-6075
An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in remote code execution. An attacker needs to provide a malformed file to...
MGASA-2020-0196 Updated exiv2 packages fix security vulnerability
The updated packages fix a security vulnerability: A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file. CVE-2019-13111...
exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file...
exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file...
exiv2: invalid data location in CRW image file causing denial of service
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file...
Memory corruption vulnerability in XnView Classic jpm file (CNVD-2020-31479)
XnView Classic is an image viewing software. A memory corruption vulnerability exists in the XnView Classic jpm file. An attacker can exploit the vulnerability to execute malicious code on a user's system or cause the program to perform a denial of service...
Malicious Package
atlas-client is a malicious package. The package typosquats on the original package atlasclient and executes malicious code in a portable executable hidden in a .png file...
EulerOS Virtualization 3.0.2.2 : gd (EulerOS-SA-2020-1464)
According to the versions of the gd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via...
EulerOS Virtualization 3.0.2.2 : python-pillow (EulerOS-SA-2020-1473)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the 'crafted image file'...
EulerOS Virtualization 3.0.2.2 : netpbm (EulerOS-SA-2020-1470)
According to the version of the netpbm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: - The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service...
EulerOS 2.0 SP3 : gd (EulerOS-SA-2020-1384)
According to the versions of the gd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of servic...
WHM 0.82.19 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications. Title: WHM v0.82.16 Twitter: @H3xr4in Blog: https://sudo-security.github.io 0day.today 2020-07-19...
Denial of Service (DoS)
php is vulnerable to denial of service (DoS). An integer overflow flaw was found in the PHP exif extension. On 32-bit systems, a specially-crafted image file could cause the PHP interpreter to crash or disclose portions of its memory when a PHP script tries to extract...
Arbitrary Code Execution
gimp is vulnerable to arbitrary code execution. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap (BMP) and Personal Computer eXchange (PCX) image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that,...
Arbitrary Code Execution
python is vulnerable to arbitrary code execution. Multiple flaws were found in the Python rgbimg module. If an application written in Python was using the rgbimg module and loaded a specially-crafted SGI image file, it could cause the application to crash or, possibly,...
Arbitrary Code Execution
python is vulnerable to arbitrary code execution. If an application written in Python was using the rgbimg module and loaded a specially-crafted SGI image file, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user...
Arbitrary Code Execution
python is vulnerable to arbitrary code execution. If an application written in Python was using the rgbimg module and loaded a specially-crafted SGI image file, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user...
Arbitrary Code Execution
php is vulnerable to arbitrary code execution. Multiple missing input sanitization flaws were discovered in PHP's exif extension. A specially-crafted image file could cause the PHP interpreter to crash or, possibly, disclose portions of its memory when a PHP script tried to extract Exchangeable...
Privilege Escalation
IBM Java is vulnerable to privilege escalation. A remote attacker is able to obtain higher privileges using a malicious image file...
Privilege Escalation
IBM Java is vulnerable to privilege escalation. A remote attacker is able to obtain higher privileges using a malicious image file...