
528 matches found

CNVD
added 2018/05/31 12:0 a.m. · 3 views

MiniUPnP ngiflib Buffer Overflow Vulnerability

MiniUPnP is a set of UPnP tools developed by MiniUPnP project that can be used in embedded systems. This tool enables devices in home and corporate networks to connect to each other. ngiflib is one of the GIF image format decoding libraries written in C language. A buffer overflow vulnerability...

9.8 CVSS · 9.8 AI score · 0.01529 EPSS
Exploits 0 · References 1
OpenVAS
added 2018/05/27 12:0 a.m. · 33 views

Debian: Security Advisory (DLA-1385-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS · 9.6 AI score · 0.19523 EPSS
Exploits 0 · References 3
Debian
added 2018/05/25 7:29 p.m. · 37 views

[SECURITY] [DLA 1385-1] batik security update

Package : batik Version : 1.7+dfsg-3+deb7u3 CVE ID : CVE-2018-8013 Debian Bug : 899374 Man Yue Mo discovered a security vulnerability in Apache Batik, an SVG image library. A missing check for the class type before calling newInstance when deserializing a subclass of AbstractDocument could lead t...

9.8 CVSS · 9 AI score · 0.19523 EPSS
Exploits 0
OSV
added 2018/04/24 7:29 p.m. · 3 views

ALPINE-CVE-2017-14448

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS · 8.2 AI score · 0.02395 EPSS
Exploits 0 · References 1
OSV
added 2018/04/24 7:29 p.m. · 3 views

ALPINE-CVE-2017-14449

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS · 6.9 AI score · 0.01677 EPSS
Exploits 0 · References 1
OSV
added 2018/04/24 7:29 p.m. · 2 views

ALPINE-CVE-2017-14441

An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...

8.8 CVSS · 8.2 AI score · 0.02677 EPSS
Exploits 0 · References 1
OSV
added 2018/04/24 7:29 p.m. · 3 views

UBUNTU-CVE-2017-12122

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS · 7.4 AI score · 0.02395 EPSS
Exploits 0 · References 5
Snyk
added 2018/04/24 7:29 p.m. · 2 views

Out-of-Bounds

Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Out-of-Bounds. A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global...

7.1 CVSS · 7 AI score · 0.01583 EPSS
Exploits 0 · References 2
OSV
added 2018/04/24 7:29 p.m. · 8 views

UBUNTU-CVE-2017-14448

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS · 7.4 AI score · 0.02395 EPSS
Exploits 0 · References 4
OSV
added 2018/04/24 7:29 p.m. · 3 views

UBUNTU-CVE-2017-14441

An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...

8.8 CVSS · 7.4 AI score · 0.02677 EPSS
Exploits 0 · References 4
OSV
added 2018/04/16 4:29 p.m. · 2 views

DEBIAN-CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

8.8 CVSS · 9.1 AI score · 0.04034 EPSS
Exploits 1 · References 1
Snyk
added 2018/04/10 9:29 p.m. · 2 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read. An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the...

5.5 CVSS · 6.3 AI score · 0.01248 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2018/04/10 12:0 a.m. · 31 views

Debian DLA-1341-1 : sdl-image1.2 security update

Lilith of Cisco Talos discovered several buffer overflow vulnerabilities in the SDL Image library which can be leveraged by attackers to execute arbitrary code via specially crafted image files. For Debian 7 'Wheezy', these problems have been fixed in version 1.2.12-2+deb7u2. We recommend that yo...

8.8 CVSS · 7.6 AI score · 0.02677 EPSS
Exploits 0 · References 8
PyPA
added 2018/03/25 3:29 a.m. · 5 views

PYSEC-2018-147

In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file...

6.5 CVSS · 6.7 AI score · 0.0217 EPSS
Exploits 1 · References 5 · Affected Software 1
Positive Technologies
added 2018/03/18 12:0 a.m. · 3 views

PT-2018-5363 · Sdl +2 · Sdl2 Image +2

Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a heap overflow, resulting in code execution. An attacker can trigger this issue by...

8.8 CVSS · 7.4 AI score · 0.02677 EPSS
Exploits 4 · References 84
OpenVAS
added 2018/02/06 12:0 a.m. · 32 views

Debian: Security Advisory (DLA-1083-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

6.5 CVSS · 6.9 AI score · 0.02001 EPSS
Exploits 0 · References 3
Debian
added 2018/01/19 4:58 a.m. · 47 views

[SECURITY] [DLA 1248-1] libgd2 security update

Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u11 CVE ID : CVE-2018-5711 Debian Bug : 887485 It was discovered that there was a denial-of-service attack in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop. For Debian 7 "Wheezy",...

5.5 CVSS · 6.6 AI score · 0.13204 EPSS
Exploits 1
PyPA
added 2018/01/03 9:29 a.m. · 5 views

PYSEC-2018-144

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file...

5.5 CVSS · 6.8 AI score · 0.01488 EPSS
Exploits 1 · References 4 · Affected Software 1
PyPA
added 2017/09/29 1:34 a.m. · 5 views

PYSEC-2017-134

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack...

5.5 CVSS · 6.8 AI score · 0.00963 EPSS
Exploits 1 · References 2 · Affected Software 1
PyPA
added 2017/09/29 1:34 a.m. · 6 views

PYSEC-2017-136

A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...

5.5 CVSS · 6.8 AI score · 0.00875 EPSS
Exploits 1 · References 2 · Affected Software 1