Lucene search
K

2250 matches found

OpenVAS
OpenVAS
added 2019/07/01 12:0 a.m.35 views

Fedora Update for GraphicsMagick FEDORA-2019-da4c20882c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.9AI score0.25065EPSS
Exploits8References2
Fedora
Fedora
added 2019/06/30 12:57 a.m.36 views

[SECURITY] Fedora 30 Update: GraphicsMagick-1.3.32-1.fc30

GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software...

8.8CVSS2.7AI score0.25065EPSS
Exploits7
BDU FSTEC
BDU FSTEC
added 2019/06/18 12:0 a.m.2 views

The vulnerability of the parse_makernote function in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the parsemakernote function in the LibRaw image processing library is related to buffer overflow in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

8.8CVSS5.8AI score0.0207EPSS
Exploits1References4Affected Software3
OSV
OSV
added 2019/06/10 7:17 p.m.7 views

MGASA-2019-0186 Updated imagemagick packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Fixed a heap-based buffer overflow in ReadMNGImage. CVE-2019-11007 Fixed a heap-based buffer overflow in WriteXWDImage. CVE-2019-11008, CVE-2019-11009...

8.8CVSS8.5AI score0.0377EPSS
Exploits2References7
OSV
OSV
added 2019/06/06 3:29 p.m.4 views

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5CVSS6.1AI score0.0056EPSS
Exploits0References1
Prion
Prion
added 2019/06/06 3:29 p.m.23 views

Double free

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

7.1CVSS5.5AI score0.0056EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/06/06 2:35 p.m.34 views

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5AI score0.0056EPSS
Exploits0References1
CVE
CVE
added 2019/06/06 2:35 p.m.74 views

CVE-2019-5305

CVE-2019-5305 affects the image processing module on some Huawei Mate 10 devices (before ALP-L29 9.0.0.159). The root cause is a memory double-free vulnerability that can be triggered when a user installs a malicious app and it calls a specific API, potentially leading to a system crash. Public d...

7.1CVSS5.5AI score0.0056EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/06 12:0 a.m.5 views

The vulnerability of the LibRaw::kodak_ycbcr_load_raw function in the LibRaw image processing library, which is related to buffer overflow attacks, allows attackers to cause a service failure.

The vulnerability of the LibRaw::kodakycbcrloadraw function in the image processing library LibRaw is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.5CVSS7AI score0.01046EPSS
Exploits0References4Affected Software2
Veracode
Veracode
added 2019/05/10 9:13 a.m.28 views

Remote Code Execution (RCE)

Typo3/Cms is vulnerable to remote code execution. Improper configuration of the applications used for image processing allows an attacker to execute arbitrary code on the server by uploading a malicious image file containing PostScript code...

7.5CVSS8.1AI score0.03917EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2019/05/10 12:0 a.m.163 views

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

9.3CVSS7.6AI score0.03917EPSS
Exploits1References3
Prion
Prion
added 2019/05/09 5:29 a.m.19 views

Remote code execution

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick...

9.3CVSS8AI score0.03917EPSS
Exploits0References2Affected Software1
Friends Of PHP
Friends Of PHP
added 2019/05/07 9:42 a.m.23 views

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

9.3CVSS7.2AI score0.03917EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2019/05/07 9:42 a.m.25 views

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

9.3CVSS7.2AI score0.03917EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2019/05/07 12:0 a.m.23 views

Possible Arbitrary Code Execution in Image Processing

Image processing, e.g. for generating thumbnails, is actually delegated to ImageMagick or GraphicsMagick for the low-level processing. Whenever ImageMagick is invoked in order to convert data the mime-type of the source is identified for invoking according coders when reading data. In case an...

9.3CVSS7.4AI score0.03917EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.75 views

Fedora Update for leptonica FEDORA-2018-4db33b3753

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7CVSS8.2AI score0.00263EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 4:44 a.m.31 views

Memory Corruption

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to memory corruption. It is due to an insufficient "validation of images" in share/native/sun/awt/image/awtImageRep.c, possibly involving offsets, causing 2D component to not properly process certain images...

10CVSS8.8AI score0.06788EPSS
Exploits0References34Affected Software3
CNVD
CNVD
added 2019/04/01 12:0 a.m.1 views

ImageMagick heap buffer overflow vulnerability (CNVD-2019-14255)

ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio A heap buffer overflow vulnerability exists in the 'WriteTIFFImage' function ...

8.1CVSS9.4AI score0.04092EPSS
Exploits1References1
Prion
Prion
added 2019/03/13 10:29 p.m.20 views

Design/Logic Flaw

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

2.1CVSS5.5AI score0.00322EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/13 10:29 p.m.31 views

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

5.5CVSS5.5AI score0.00322EPSS
Exploits0References2
Rows per page
Query Builder