Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service DoS attacks. A malicious user can pass an image file to the OJPEGPreDecodeSkipScanlines function in tifojpeg.c to cause a divide by zero error that crash the application...

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service DoS attack. Sending a malicious image file to the ReadTXTImage function in coders/txt.c leads to a huge CPU consumption...

ImageMagick infinite loop vulnerability (CNVD-2018-12308)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. An infinite loop vulnerability exists in ReadMIFFImage in coders/miff.c in ImageMagick 7.0.7-16 Q16 x8664 2017-12-22. An attacker can exploit this vulnerability to cau...

Code injection

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted image file that is mishandled in a GetImageIndexInList call...

CVE-2017-18272

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call...

CVE-2018-11251

In ImageMagick 7.0.7-23 Q16 x8664 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service application crash in SetGrayscaleImage in MagickCore/quantize.c via a crafted SUN image file...

CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted MIFF image file...

CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted MIFF image file...

CVE-2017-18273

Technical details beyond the initial description are not provided in the supplied documents. No confirmed affected versions, impact specifics, or remediation are available here. Monitor for updates.

CVE-2017-18273

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted image file that is mishandled in a GetImageIndexInList call...

CVE-2018-11251

In ImageMagick 7.0.7-23 Q16 x8664 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service application crash in SetGrayscaleImage in MagickCore/quantize.c via a crafted SUN image file...

CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted MIFF image file...

CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x8664 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted MIFF image file...

Memory Corruption Vulnerability in Nikon ViewNX-i in Japan

Nikon is a famous camera manufacturer in Japan.ViewNX-i is an image processing software from Nikon. A memory corruption vulnerability exists in Nikon ViewNX-i when processing TIFF images. An attacker can cause the program to crash by constructing a malformed TIFF image, which if successfully...

openSUSE Security Update : GraphicsMagick (openSUSE-2018-407)

This update for GraphicsMagick fixes the following issues : - security update core - CVE-2018-6799: The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact v...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. A malicious user can pass a image file to the application to cause an assertion error that can crash the application...

OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability

OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...

OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability (CNVD-2018-07985)

OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...

Debian DLA-1354-1 : opencv security update

Two vulnerabilities were found in OpenCV, the 'Open Computer Vision Library'. CVE-2018-5268 In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmtjpeg2000.cpp when parsing a crafted image file. CVE-2018-5269 In OpenCV 3.3.1, an...

ImageMagick 'ReadOneMNGImage' function infinite loop vulnerability

ImageMagick is a set of open source image processing software. The software can read, convert and write images in a variety of formats. A security vulnerability exists in the 'ReadOneMNGImage' function in the coders/png.c file in ImageMagick version 7.0.7-28. A remote attacker can exploit this...