Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2680 matches found

Mageia
Mageiaadded 2017/11/02 9:47 p.m.41 views

Updated sdl2 packages fix security vulnerability

Yves Younan of Cisco Talos discovered an exploitable integer overflow vulnerability when creating a new RGB Surface in SDL 2.0.x before version 2.0.7. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and...

8.8CVSS4.2AI score0.03072EPSS
Exploits2References4
CNVD
CNVDadded 2017/10/23 12:0 a.m.2 views

IrfanView buffer overflow vulnerability (CNVD-2017-32317)

IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A buffer overflow vulnerability exists in IrfanView version 4.50 64-bit. A remote attacker can exploit this...

7.8CVSS7.7AI score0.0099EPSS
Exploits0References1
OSV
OSVadded 2017/10/22 8:29 p.m.2 views

CVE-2017-15775

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at CADImage+0x0000000000259aa4."...

7.8CVSS5.8AI score0.00767EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2017/10/19 11:59 a.m.25 views

CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS4.8AI score0.03072EPSS
Exploits2References2
NVD
NVDadded 2017/10/16 6:29 p.m.10 views

CVE-2015-2780

Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory...

9.8CVSS9.7AI score0.15139EPSS
Exploits0References3
seebug.org
seebug.orgadded 2017/10/16 12:0 a.m.45 views

Oracle OIT libim_psi2 psiparse Code Execution Vulnerability(CVE-2016-3594)

Description A memory corruption vulnerability exists in file parsing code of Oracle Outside In Technology libimpsi2 library. Specifically, a integer overflow leading to an undersized memory allocation and a memory copy operation leading to buffer overflow in psiparse function can write 8 controll...

9CVSS9AI score0.0393EPSS
Exploits1
OSV
OSVadded 2017/10/11 6:29 p.m.2 views

DEBIAN-CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS8.1AI score0.03072EPSS
Exploits2References1
OSV
OSVadded 2017/10/11 6:29 p.m.16 views

CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS8.9AI score
Exploits0References4
Cvelist
Cvelistadded 2017/10/11 6:0 p.m.24 views

CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS8.8AI score0.03072EPSS
Exploits2References4
Debian CVE
Debian CVEadded 2017/10/11 6:0 p.m.28 views

CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS8.5AI score0.03072EPSS
Exploits2
UbuntuCve
UbuntuCveadded 2017/10/11 12:0 a.m.21 views

CVE-2017-2888

An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a...

8.8CVSS7.2AI score0.03072EPSS
Exploits2References3
OSV
OSVadded 2017/10/10 1:29 p.m.1 views

DEBIAN-CVE-2014-9092

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service crash via a crafted JPEG file, related to the Exif marker...

6.5CVSS6.2AI score0.03235EPSS
Exploits0References1
CNVD
CNVDadded 2017/09/30 12:0 a.m.2 views

OpenExif Denial of Service Vulnerability

OpenExif is an object-oriented library for accessing JPEG image files in Exif format. A denial of service vulnerability exists in ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif, which could allow a remote attacker to cause a denial of service stack buffer over-reading and application...

5.5CVSS5.5AI score0.00861EPSS
Exploits0References1
PyPA
PyPAadded 2017/09/29 1:34 a.m.4 views

PYSEC-2017-136

A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...

5.5CVSS6.8AI score0.00875EPSS
Exploits1References2Affected Software1
Packet Storm
Packet Stormadded 2017/09/29 12:0 a.m.51 views

TrendMicro OfficeScan 11.0 / XG (12.0) XG Image File Execution Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG 12.0...

Exploits0
0day.today
0day.todayadded 2017/09/28 12:0 a.m.50 views

Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ==================...

6.8AI score
Exploits0
CNVD
CNVDadded 2017/09/28 12:0 a.m.2 views

libbpg Denial of Service Vulnerability (CNVD-2017-34778)

libbpg is a new type of image format library. A security vulnerability exists in the 'hevcwriteframe' function of the libbpg.c file in libbpg version 0.9.7. A remote attacker can exploit this vulnerability to cause a denial of service integer overflow and application crash with the help of a...

8.8CVSS7AI score0.01522EPSS
Exploits1References1
exploitpack
exploitpackadded 2017/09/28 12:0 a.m.31 views

Trend Micro OfficeScan 11.0XG (12.0) - Image File Execution Bypass

Trend Micro OfficeScan 11.0XG 12.0 - Image File Execution Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ==================...

7.5AI score
Exploits0
Exploit DB
Exploit DBadded 2017/09/28 12:0 a.m.45 views

Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG 12.0...

7.4AI score
Exploits0
Gentoo Linux
Gentoo Linuxadded 2017/09/26 12:0 a.m.37 views

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...

9.8CVSS8.7AI score0.04427EPSS
Exploits8
Rows per page
Query Builder