2680 matches found

BDU FSTEC
added 2023/03/28 12:0 a.m., 2 views

A vulnerability in the Exiv2 metadata management library commands, related to a loop with an unreachable exit condition, allows an attacker to cause a denial of service.

The vulnerability in the Exiv2 metadata management library commands is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause a denial of service by using a specially crafted image file...

CVSS 7.1, AI score 6.7, EPSS 0.01104
Exploits 0, References 11, Affected Software 5
BDU FSTEC
added 2023/03/28 12:0 a.m., 3 views

A vulnerability in the Exiv2 metadata management library, related to reading beyond the bounds of a buffer, allows an attacker to cause a denial of service.

The vulnerability in the Exiv2 metadata management library is related to reading data beyond the bounds of a buffer. Exploiting this vulnerability could allow a malicious actor to cause a denial of service by using a specially crafted image file...

CVSS 7.1, AI score 6.7, EPSS 0.01568
Exploits 1, References 17, Affected Software 5
Redos
added 2023/03/22 12:0 a.m., 25 views

ROS-20230322-01

A vulnerability in libheif, the HEIF and AVIF file format decoder, is related to the strided image data parsing code in the emscripten wrapper for libheif. Exploitation of the vulnerability could allow a remote attacker to use a specially crafted image file to cause a buffer overflow ...

CVSS 7.8, AI score 7.7, EPSS 0.00307
Exploits 0
OSV
added 2023/03/20 9:11 p.m., 22 views

GHSA-PPJR-267J-5P9X NULL pointer dereference in `stb_image`

A bug in error handling in the `stb_image` C library could cause a NULL pointer dereference when attempting to load an invalid or unsupported image file. This is fixed in version 0.2.5 and later of the `stb_image` Rust crate, by patching the C code to correctly handle NULL pointers...

AI score 7.1
Exploits 0, References 3
Github Security Blog
added 2023/03/20 9:11 p.m., 11 views

NULL pointer dereference in `stb_image`

A bug in error handling in the `stb_image` C library could cause a NULL pointer dereference when attempting to load an invalid or unsupported image file. This is fixed in version 0.2.5 and later of the `stb_image` Rust crate, by patching the C code to correctly handle NULL pointers...

AI score 6.8
Exploits 0, References 3, Affected Software 1
OpenVAS
added 2023/03/08 12:0 a.m., 27 views

Debian: Security Advisory (DLA-221-1)

The remote host is missing an update for the Debian...

CVSS 8.8, AI score 7.8, EPSS 0.04167
Exploits 2, References 2
NVD
added 2023/03/06 9:15 p.m., 13 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

CVSS 9.8, AI score 9.5, EPSS 0.20721
Exploits 1, References 1
Cvelist
added 2023/03/06 12:0 a.m., 16 views

CVE-2023-24734

An arbitrary file upload vulnerability in the cameraupload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file...

AI score 9.7, EPSS 0.20721
Exploits 1, References 1
Veracode
added 2023/03/01 9:19 a.m., 14 views

Denial Of Service (DoS)

libheif.so is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a buffer overflow during a memcpy call with a crafted image file, causing the application to crash...

CVSS 7.8, AI score 7.5, EPSS 0.00307
Exploits 0, References 3, Affected Software 1
Prion
added 2023/02/24 4:15 a.m., 18 views

Buffer overflow

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

CVSS 4.4, AI score 7.7, EPSS 0.00307
Exploits 0, References 2, Affected Software 1
Zero Day Initiative
added 2023/02/24 12:0 a.m., 45 views

Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

CVSS 7.8, AI score 8.7, EPSS 0.00737
Exploits 0, References 1
F5 Networks
added 2023/02/21 6:47 p.m., 37 views

K68785753: ImageMagick vulnerability CVE-2015-8898

Security Advisory Description: The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file. CVE-2015-8898 Impact: BIG-IP systems that use a WebAcceleration profile configured wit...

CVSS 5.5, AI score 7.7, EPSS 0.01999
Exploits 0, Affected Software 2
F5 Networks
added 2023/02/21 6:33 p.m., 33 views

K23731034: PHP & libGD vulnerability CVE-2016-10167

Security Advisory Description: The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. CVE-2016-10167 Impact: There is no impact; F5 products are not affected b...

CVSS 5.5, AI score 6.4, EPSS 0.03736
Exploits 0
SUSE CVE
added 2023/02/17 2:5 a.m., 2 views

SUSE CVE-2023-20052

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on a...

CVSS 5.5, AI score 6.5, EPSS 0.06675
Exploits 5, References 6
Microsoft CVE
added 2023/02/16 8:0 a.m., 1 view

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit 33aee127.

...

CVSS 6.8, AI score 6.5, EPSS 0.00435
Exploits 1
SUSE CVE
added 2023/02/15 6:20 a.m., 2 views

SUSE CVE-2004-0914

Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain...

CVSS 10, AI score 7.9, EPSS 0.08698
Exploits 0, References 3
SUSE CVE
added 2023/02/15 6:20 a.m., 3 views

SUSE CVE-2004-0981

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file...

CVSS 10, AI score 8.1, EPSS 0.05843
Exploits 0, References 3
SUSE CVE
added 2023/02/15 6:20 a.m., 3 views

SUSE CVE-2004-1025

Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files...

CVSS 10, AI score 8, EPSS 0.05178
Exploits 0, References 3
SUSE CVE
added 2023/02/15 6:19 a.m., 5 views

SUSE CVE-2004-1726

Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow...

CVSS 7.5, AI score 8.2, EPSS 0.03809
Exploits 1, References 3
SUSE CVE
added 2023/02/15 6:18 a.m., 2 views

SUSE CVE-2005-0762

Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file...

CVSS 7.5, AI score 8.2, EPSS 0.03422
Exploits 0, References 4