2680 matches found
MGASA-2022-0446 Updated imagemagick packages fix security vulnerability
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. CVE-2021-3574 A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows a...
SUSE SLES12 Security Update : exiv2 (SUSE-SU-2022:4252-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4252-1 advisory. - CVE-2019-13112: Fixed an uncontrolled memory allocation in PngChunk:parseChunkContent causing denial of service. bsc1142681 -...
Dropbox Lepton Security Vulnerability
Dropbox Lepton is a set of tools for lossless compression of JPEG format files. A denial of service vulnerability exists in LEPTON Project Dropbox Lepton version 1.2, which can be exploited to launch a denial of service attack by passing a carefully crafted JPEG file to the Lepton image compressi...
USN-5736-1 imagemagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14....
ROS-20221121-03
Vulnerability of ImageMagick graphic editor is related to integer overflow in function ExportIndexQuantum in MagickCore/quantum-export.c. Exploitation of the vulnerability could allow an attacker, acting remotely, to pass specially crafted image data to an application, cause an integer overflow a...
gimp: unhandled exception via a crafted XCF file may lead to DoS
A vulnerability was found in GIMP when loading a specially crafted XCF file. Due to an incorrect function return value, GIMP may access memory outside its address space, resulting in a denial of service...
CVE-2022-3598
An out-of-bounds write flaw was found in the extractContigSamplesShifted24bits function in tools/tiffcrop.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition...
PT-2022-24759 · Siemens · Teamcenter Visualization +1
Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to 14.1.0.4; Teamcenter Visualization V13.2 versions prior to 13.2.0.12; Teamcenter Visualization V13.3 versions prior to 13.3.0.8; Teamcenter Visualization V14.0 versions prior to 14.0.0.3; Teamcenter Visualization V14.1...
Ubuntu 18.04 LTS / 20.04 LTS : LibRaw vulnerabilities (USN-5715-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5715-1 advisory. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted...
Out-of-Bounds Read
libRaw is vulnerable to out-of-bounds reads. The vulnerability is within the LibRaw::adobecopypixel function of dng.cpp when reading data from the image file causing an application crash...
Out-of-Bounds Read
libRaw is vulnerable to out-of-bounds reads. The vulnerability is within the gethuffmandiff function of x3futilspatched.cpp when reading data from an image file causing an application crash...
Heap-based Buffer Overflow
imagemagick is vulnerable to heap-based buffer overflow. The vulnerability exists in ImageMagick's RelinquishDCMInfo function of dcm.c which allows an attacker to pass a specially crafted DICOM image file for conversion causing an information disclosure and an application crash...
USN-5705-1: LibTIFF vulnerabilities
Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. CVE-2022-3570 It was...
LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72096)
LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for handling TIFF files. LibTIFF version 4.4.0 is vulnerable to a buffer overflow vulnerability, which stems from the existence of multiple heap buffer overflows th...
CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...
UBUNTU-CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...
DEBIAN-CVE-2022-3627
LibTIFF 4.4.0 has an out-of-bounds write in TIFFmemcpy in libtiff/tifunix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit...
ALPINE-CVE-2022-3598
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...
CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...
Heap overflow
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...