2251 matches found
CVE-2021-1742
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2021-1738
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2021-1736
CVE-2021-1736 is an out-of-bounds read vulnerability in macOS components (notably CoreMedia/ImageIO) that can be triggered by processing a maliciously crafted image, potentially allowing arbitrary code execution. The issue is addressed in macOS Big Sur 11.2 and Security Update 2021-001 Catalina a...
CVE-2021-1736
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2021-1737
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-29618
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may...
CVE-2020-29616
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-29611
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted imag...
CVE-2020-27939
CVE-2020-27939 affects macOS ImageIO in supported Apple OS releases. A memory corruption issue in processing a maliciously crafted image was addressed by Apple with improved input validation, and is fixed in macOS Big Sur 11.1 as well as Security Update 2020-001 Catalina and Security Update 2020-...
CVE-2020-27939
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-27923
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted image may le...
CVE-2020-27919
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-9955
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution...
AZL-44580 CVE-2021-20291 affecting package buildah for versions less than 1.41.4-2
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code...
Debian: Security Advisory (DLA-2612-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2612-1 : leptonlib security update
Several issues have been found by ClusterFuzz in leptonlib, an image processing library. All issues are related to heap-based buffer over-read in several functions or a denial of service application crash with crafted data. For Debian 9 stretch, these problems have been fixed in version...
Accusoft ImageGear Out-of-Bounds Writing Vulnerability
Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S. An out-of-bounds write vulnerability exists in Accusoft ImageGear, which could be exploited by an attacker to potentially cause memory corruption via a malformed file prepared...
JasPer 代码问题漏洞
JasPer is a C-based tool for image processing from the individual developer Michael Adams. The software supports the JPEG-2000 format as defined in ISO/IEC 15444-1 and is primarily used for image encoding and processing. Jasper suffers from a code issue vulnerability that can be exploited by an...
Pillow Buffer Overflow Vulnerability (CNVD-2021-54033)
Pillow is a Python-based image processing library. buffer overflow vulnerability exists in versions of Pillow prior to 8.1.1, which stems from the presence of a negative offset memcpy with an invalid size in TiffDecode.c. No details of the vulnerability are currently available...
Fedora: Security Advisory for python-pillow (FEDORA-2021-9016a9b7bd)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...