The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created JB2 file...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created TIF file...
The vulnerability of the Leptonica image processing library, related to the lack of checks for division by zero, allows a hacker to trigger a service failure.
The vulnerability of the Leptonica image processing library is related to the lack of checks for division by zero. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created JPEG file...
EulerOS 2.0 SP9 : qemu (EulerOS-SA-2024-2405)
According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block...
PT-2025-3960 · Unknown · Sante Pacs Server
Name of the Vulnerable Software and Affected Versions: Sante PACS Server affected versions not specified Description: The issue is a denial-of-service vulnerability due to memory corruption in the analysis of Sante PACS Server DCM files. This allows remote attackers to create a denial-of-service...
ROS-20240826-08
A vulnerability in the source/blender/imbuf/intern/dds/DirectDrawSurface.cpp component of the Blender 3D computer graphics software suite is related to an incorrect assumption about the thread size. Exploitation of the vulnerability allows an attacker...
productinfoquick Security Vulnerability
productinfoquick is an application. A security vulnerability exists in productinfoquick v1.0, which stems from an arbitrary file upload vulnerability in the Ueditor component that allows attackers to execute arbitrary code by uploading a crafted PNG file...
RHEL 8 : libtiff (RHSA-2024:5079)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5079 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: Heap-base...
HiColor Security Vulnerability
HiColor is a program by the individual developer D. Bohdan. It is used to convert images to 15-bit and 16-bit RGB colors. A security vulnerability exists in HiColor version 0.5.0, which stems from a heap buffer overflow vulnerability in the cpstored function, allowing an attacker to trigger a...
PT-2024-29402 · Hicolor · Hicolor
Name of the Vulnerable Software and Affected Versions: hicolor version 0.5.0 Description: A heap buffer overflow in the png quantize function allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. Recommendations: For hicolor version 0.5.0, at the moment, there is no informatio...
The vulnerability of the Windows operating system’s Codecs library, which allows a hacker to access confidential information
The vulnerability of the Windows operating system’s Codecs library is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to access confidential information through a specially crafted image file...
CVE-2024-40630 HEIF Heap OOB Read in OpenImageIO
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation via a format-agnostic API with a feature set, scalability, and robustness needed for feature film production. In affected versions there is a bug in the heif input...
CVE-2023-39328 Openjpeg: denial of service via crafted image file
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file...
CVE-2023-39328
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file...
Updated libcdio packages fix security vulnerability
Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. CVE-2024-36600...
UBUNTU-CVE-2024-32498
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...
In Jasper 4.2.2 the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability allowing attackers to cause a denial of service attack through a specific image file.
...
ROS-20240626-08
A vulnerability in the ISO 9660 Image File Handler component of the libcdio library is related to a buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
GNU libcdio Buffer Overflow Vulnerability
GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...