Lucene search
K

2251 matches found

CNNVD
CNNVD
added 2023/01/24 12:0 a.m.4 views

Apple tvOS 缓冲区错误漏洞

Apple tvOS is a set of smart TV operating systems from Apple USA. A buffer error vulnerability exists in versions of Apple tvOS prior to 16.3, which stems from a memory corruption, and may result in a denial of service when processing images...

7.5CVSS7.4AI score0.00939EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/01/23 5:56 p.m.10 views

libXpm: Runaway loop on width of 0 and enormous height

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...

7.5CVSS6AI score0.01247EPSS
Exploits0References5
OSV
OSV
added 2023/01/23 3:15 a.m.8 views

AZL-13151 CVE-2022-48281 affecting package libtiff for versions less than 4.4.0-7

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., "WRITE of size 307203" via a crafted TIFF image...

5.5CVSS6.9AI score0.00461EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/01/01 12:0 a.m.11 views

Debian: Security Advisory (DSA-5310-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.02595EPSS
Exploits1References4
Debian
Debian
added 2022/12/31 9:42 a.m.25 views

[SECURITY] [DSA 5310-1] ruby-image-processing security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5310-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 31, 2022 https://www.debian.org/security/faq -...

10CVSS9.5AI score0.02595EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/12/31 12:0 a.m.49 views

Debian DSA-5310-1 : ruby-image-processing - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5310 advisory. It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when...

10CVSS8.3AI score0.02595EPSS
Exploits1References6
OSV
OSV
added 2022/12/31 12:0 a.m.29 views

DSA-5310-1 ruby-image-processing - security update

Bulletin has no description...

10CVSS9.4AI score0.02595EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/12/22 3:39 p.m.65 views

Vulnerability Spotlight: OpenImageIO file processing issues could lead to arbitrary code execution, sensitive information leak and denial of service

Lilith of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nineteen vulnerabilities in OpenImageIO, an image processing library, which could lead to sensitive information disclosure, denial of service and heap buffer overflows which could further lead to code executio...

0.5AI score0.01962EPSS
Exploits22
CNNVD
CNNVD
added 2022/12/22 12:0 a.m.4 views

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an image read/write library, along with a number of tools and applications. An out-of-bounds read vulnerability exists in OpenImageIO. The vulnerability is caused due to an out-of-bounds read vulnerability when processing string fields in TIFF image files. An attacker can exploit...

5.3CVSS6.6AI score0.00677EPSS
Exploits1References8
Talos
Talos
added 2022/12/22 12:0 a.m.32 views

OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability

Talos Vulnerability Report TALOS-2022-1656 OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability December 22, 2022 CVE Number CVE-2022-43601,CVE-2022-43600,CVE-2022-43599,CVE-2022-43602 SUMMARY Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of...

8.1CVSS8.1AI score0.01962EPSS
Exploits4
Talos
Talos
added 2022/12/22 12:0 a.m.49 views

OpenImageIO TIFF file string field information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1627 OpenImageIO TIFF file string field information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41977 SUMMARY An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A...

5.3CVSS6.3AI score0.00677EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.39 views

OpenImageIO TIFF file IPTC data information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1631 OpenImageIO TIFF file IPTC data information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41649 SUMMARY A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A...

9.1CVSS8.4AI score0.01458EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.32 views

OpenImageIO Project OpenImageIO ZfileOutput::close() denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1657 OpenImageIO Project OpenImageIO ZfileOutput::close denial of service vulnerability December 22, 2022 CVE Number CVE-2022-43603 SUMMARY A denial of service vulnerability exists in the ZfileOutput::close functionality of OpenImageIO Project OpenImageIO...

5.9CVSS7AI score0.01325EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.37 views

OpenImageIO TIFF IPTC decoding information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1643 OpenImageIO TIFF IPTC decoding information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41988 SUMMARY An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO...

7.5CVSS7AI score0.01169EPSS
Exploits1
CNNVD
CNNVD
added 2022/12/05 12:0 a.m.2 views

MediaTek 芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in the MediaTek chips, which stems from the discovery of a race condition in isp, where an out-of-bounds write may exist...

6.4CVSS6.5AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2022/11/24 11:23 a.m.9 views

USN-5736-2 imagemagick vulnerabilities

USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu...

7.8CVSS6.7AI score0.0238EPSS
Exploits2References18
Debian
Debian
added 2022/11/20 11:34 p.m.24 views

[SECURITY] [DLA 3200-1] graphicsmagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3200-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 21, 2022 https://wiki.debian.org/LTS -...

7.8CVSS7.6AI score0.00427EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2022/11/15 12:0 a.m.5 views

Vulnerability of the new_node() function (libraw\src\x3f\x3futils_patched.cpp) in the LibRaw image processing library, which allows a hacker to trigger a service failure

The vulnerability of the newnode function libraw\src\x3f\x3futilspatched.cpp in the LibRaw image processing library is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6AI score0.00369EPSS
Exploits1References11Affected Software5
NVD
NVD
added 2022/11/01 8:15 p.m.13 views

CVE-2022-42795

A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution...

8.8CVSS0.01291EPSS
Exploits0References4
NVD
NVD
added 2022/11/01 8:15 p.m.18 views

CVE-2022-26730

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution...

8.8CVSS0.00898EPSS
Exploits0References1
Rows per page
Query Builder