2680 matches found
CVE-2018-7998
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vipsregiongenerate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race conditi...
DEBIAN-CVE-2018-7728
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFFHandler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update function in third-party/zuid/interfaces/MD5.cpp...
Cross site scripting
Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM...
CVE-2018-4875
Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM...
GNU libcdio 'print_iso9660_recurse' function denial of service vulnerability
GNU libcdio is a CD-ROM input and control library that contains a library of functions for accessing CD-ROMs and CD images. A denial of service vulnerability exists in the 'printiso9660recurse' function of the iso-info.c file in GNU libcdio versions prior to 1.0.0. A remote attacker can exploit...
Silicon Graphics LibTIFF 'TIFFPrintDirectory' Function Null Pointer Dereference Vulnerability
Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in the 'TIFFPrintDirectory' function of the tifprint.c file ...
DEBIAN-CVE-2018-7443
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c...
PYSEC-2018-121
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
CVE-2017-17725
CVE-2017-17725 : In Exiv2 0.26, an integer overflow in Exiv2::getULong (types.cpp) causes a heap-based buffer over-read. This can be leveraged remotely to trigger a denial of service via a crafted image file. The description indicates a DoS impact but does not provide exploit details beyond the o...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
Acme CADSee Handles TIFF Files with Denial of Service Vulnerability
Acme CADSee is a specialized viewer for CAD drawing files. Acme CADSee suffers from a memory corruption vulnerability when handling TIFF format files, which can cause an attacker to crash the program by constructing a TIFF format file, and if successfully exploited, can cause arbitrary code...
Heap overflow
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...
CVE-2018-6799
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...
DEBIAN-CVE-2018-6799
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...
CVE-2018-6799
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...
CVE-2018-6799
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...
CVE-2018-6799
The AcquireCacheNexus function in magick/pixelcache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service heap overwrite or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used...