516 matches found
The vulnerability of the sdl-image image loading library, related to memory-related errors, allows attackers to cause service failures or compromise data integrity.
The vulnerability of the sdl-image image loading library is related to memory-related errors that can lead to service failures or the execution of arbitrary code. Exploiting this vulnerability allows a remote attacker to cause a service failure or compromise data integrity using specially crafted...
LibRaw 'nikon_coolscan_load_raw()' function memory out-of-bounds read vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A security vulnerability exists in the 'nikoncoolscanloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit th...
Debian DLA-1593-1 : phpbb3 security update
Simon Scannell and Robin Peraglie of RIPS Technologies discovered that passing an absolute path to a fileexists check in phpBB, a full featured web forum, allows remote code execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel...
[SECURITY] [DLA 1593-1] phpbb3 security update
Package : phpbb3 Version : 3.0.12-5+deb8u2 CVE ID : CVE-2018-19274 Simon Scannell and Robin Peraglie of RIPS Technologies discovered that passing an absolute path to a fileexists check in phpBB, a full featured web forum, allows remote code execution through Object Injection by employing Phar...
PYSEC-2018-142
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service infinite loop caused by an integer overflow via a crafted PSD image file...
libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service
In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...
DEBIAN-CVE-2018-16336
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file, a different vulnerability than CVE-2018-10999...
CVE-2018-3757
Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter...
MiniUPnP ngiflib Buffer Overflow Vulnerability
MiniUPnP is a set of UPnP tools developed by MiniUPnP project that can be used in embedded systems. This tool enables devices in home and corporate networks to connect to each other. ngiflib is one of the GIF image format decoding libraries written in C language. A buffer overflow vulnerability...
Debian: Security Advisory (DLA-1385-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1385-1] batik security update
Package : batik Version : 1.7+dfsg-3+deb7u3 CVE ID : CVE-2018-8013 Debian Bug : 899374 Man Yue Mo discovered a security vulnerability in Apache Batik, an SVG image library. A missing check for the class type before calling newInstance when deserializing a subclass of AbstractDocument could lead t...
ALPINE-CVE-2017-14441
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...
ALPINE-CVE-2017-14449
A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability...
ALPINE-CVE-2017-14448
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
UBUNTU-CVE-2017-12122
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
UBUNTU-CVE-2017-14448
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
Out-of-Bounds
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Out-of-Bounds. A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global...
UBUNTU-CVE-2017-14441
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...
DEBIAN-CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read. An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the...