Lucene search
K

2250 matches found

OSV
OSV
added 2019/03/13 10:29 p.m.3 views

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

5.5CVSS6.1AI score0.00322EPSS
Exploits0References2
Veeam
Veeam
added 2019/03/13 1:10 p.m.29 views

SQL VSS writer fails for SQL localdb on Azure AD Connect Sync server.

Challenge Backup or replication jobs with Application Aware Image-Processing enabled may fail on the server hosting Azure AD Connect Sync with an error indicating the SQL writer has failed. After the job has failed, running "Vssadmin list writers" from an administrative command prompt on the Azur...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/01 12:0 a.m.62 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GD vulnerabilities (USN-3900-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3900-1 advisory. It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with ...

9.8CVSS7.5AI score0.65116EPSS
Exploits7References3
Ubuntu
Ubuntu
added 2019/02/28 2:8 p.m.224 views

USN-3900-1: GD vulnerabilities

It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.5AI score0.65116EPSS
Exploits7
OSV
OSV
added 2019/02/25 3:29 p.m.4 views

PYSEC-2019-248

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

8.8CVSS7.6AI score
Exploits0References3
CNVD
CNVD
added 2019/02/18 12:0 a.m.1 views

AdvanceCOMP Invalid Memory Access Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. An invalid memory access vulnerability exists in the advpngunfilter8 function in png.c in AdvanceCOMP 2.1. An attacker can exploit this vulnerability to cause a denial of service segmentation error or possibly other impac...

7.8CVSS7AI score0.01247EPSS
Exploits1References1
Carbon Black Blog
Carbon Black Blog
added 2019/02/11 1:35 p.m.172 views

TAU Threat Intelligence Notification: Spear Phishing Targeting Italy

Summary This campaign is targeting users in Italy with spear phishing email containing malicious attachments. Figure 1: Emails with the malicious XLS attachment The image above show one of the sample has attached in multiple email that has been sent to email address with Italy ccTLD. The attached...

0.4AI score
Exploits0
Prion
Prion
added 2019/02/06 9:29 p.m.13 views

Out-of-bounds

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and...

6.8CVSS7.9AI score0.01893EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/02/06 9:0 p.m.21 views

CVE-2018-3973

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and...

8.8CVSS7.9AI score0.01893EPSS
Exploits1References2
Talos
Talos
added 2019/01/30 12:0 a.m.85 views

ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

8.8CVSS8.1AI score0.02253EPSS
Exploits1
Huawei
Huawei
added 2019/01/28 12:0 a.m.33 views

Security Advisory - Memory Double Free Vulnerability in Image Processing Module of Some Huawei Smart Phones

The image processing module of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. Vulnerability ID: HWPSIRT-2018-110...

7.1CVSS5.4AI score0.0056EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/01/26 11:29 p.m.12 views

CVE-2019-6976

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image...

5.3CVSS6.8AI score
Exploits0References3
CNVD
CNVD
added 2019/01/11 12:0 a.m.1 views

Memory Corruption Vulnerability in NexusImage Processing of BMP Images

NexusImage is an image viewer. NexusImage suffers from a memory corruption vulnerability when processing BMP images, which can be exploited by an attacker to crash the program by constructing malformed BMP images...

7AI score
Exploits0
Fedora
Fedora
added 2018/12/30 3:21 a.m.39 views

[SECURITY] Fedora 29 Update: leptonica-1.77.0-1.fc29

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.1CVSS1.4AI score0.02065EPSS
Exploits0
Fedora
Fedora
added 2018/12/29 2:26 a.m.26 views

[SECURITY] Fedora 28 Update: leptonica-1.77.0-1.fc28

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.1CVSS1.4AI score0.02065EPSS
Exploits0
Debian
Debian
added 2018/12/27 1:41 p.m.79 views

[SECURITY] [DLA 1619-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u5 CVE ID : CVE-2018-20184 CVE-2018-20185 CVE-2018-20189 Debian Bug : 916752 916719 916721 Multiple vulnerabilities have been found in GraphicsMagick, the image processing system. CVE-2018-20184 The WriteTGAImage function tga.c is affected by a...

6.5CVSS6.8AI score0.02307EPSS
Exploits3
OpenVAS
OpenVAS
added 2018/12/27 12:0 a.m.21 views

Debian: Security Advisory (DLA-1619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.02307EPSS
Exploits3References3
CNVD
CNVD
added 2018/12/19 12:0 a.m.3 views

LibRaw 'unpacked_load_raw()' Function Denial of Service Vulnerability

LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A denial of service vulnerability exists in the LibRaw 'unpackedloadraw' function. An attacker can exploit the vulnerability to cause a DoS Denial of Service...

7.5CVSS8.4AI score0.02505EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 12:0 a.m.1 views

UBUNTU-CVE-2018-18498

A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, and Firefox 64...

9.8CVSS7.4AI score0.04032EPSS
Exploits0References6
CNVD
CNVD
added 2018/11/27 12:0 a.m.2 views

ImageMagick Denial of Service Vulnerability (CNVD-2018-26703)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'WritePDBImage' function in the coders/pdb.c file in ImageMagick version...

6.5CVSS7.3AI score0.01714EPSS
Exploits0References1
Rows per page
Query Builder