Lucene search
K

2251 matches found

Talos
Talos
added 2018/07/11 12:0 a.m.53 views

Computerinsel Photoline ANI Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this...

8.8CVSS8.2AI score0.01469EPSS
Exploits1
Talos
Talos
added 2018/07/11 12:0 a.m.44 views

Computerinsel Photoline PSD Blending Channel Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PSD image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver a PSD image to trigger this vulnerabili...

8.8CVSS8.2AI score0.01469EPSS
Exploits1
Debian
Debian
added 2018/06/27 9:28 p.m.55 views

[SECURITY] [DLA 1401-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u3 CVE ID : CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-5241 CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449 CVE-2017-11636 CVE-2017-11643 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13134 CVE-2017-14314...

9.8CVSS8.6AI score0.76897EPSS
Exploits9
OSV
OSV
added 2018/06/27 5:20 p.m.4 views

USN-3693-1 jasper vulnerabilities

It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

7.8CVSS6.9AI score0.05686EPSS
Exploits2References20
OSV
OSV
added 2018/06/27 11:36 a.m.7 views

SUSE-SU-2018:1825-1 Security update for jpeg

This update for jpeg fixes the following issues: CVE-2017-15232: NULL pointer dereferences in jdpostct.c and jquant1.c could lead to denial of service crash when processing images bsc1062937 CVE-2018-11813: Fixed the end-of-file mishandling in readpixel in rdtarga.c, which allowed remote attacker...

7.5CVSS6.8AI score0.03445EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2018/06/25 12:0 a.m.17 views

Debian DLA-1395-1 : php-horde-image security update

It was discovered that there were two remote code execution vulnerabilities in php-horde-image, the image processing library for the Horde groupware tool : - CVE-2017-9774: A remote code execution vulnerability RCE that was exploitable by a logged-in user sending a maliciously crafted HTTP GET...

8.8CVSS8.5AI score0.03986EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2018/06/18 2:0 p.m.28 views

CVE-2018-1152

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image...

6.5CVSS6.8AI score0.03445EPSS
Exploits0
CNVD
CNVD
added 2018/06/14 12:0 a.m.2 views

ImageMagick Buffer Overflow Vulnerability (CNVD-2018-12313)

ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A security vulnerability exists in versions of ImageMagick prior to 6.9.4-4. A remote attacker could exploit this vulnerability to cause a denial of service application crash...

5.5CVSS6.3AI score0.01673EPSS
Exploits0References1
Hacker One
Hacker One
added 2018/06/13 7:27 a.m.48 views

Basecamp: Remote code execution on Basecamp.com

A critical flaw in Basecamp's profile image upload function leads to remote command execution. Images are converted on the server side, but not only image files but also PostScript/EPS files are accepted if renamed to .gif. This is probably due to ImageMagick / GraphicsMagick being used for image...

6.8CVSS2.2AI score0.96968EPSS
Exploits7
NVD
NVD
added 2018/06/04 4:29 p.m.18 views

CVE-2016-10652

prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

8.1CVSS8AI score0.00546EPSS
Exploits0References1
OSV
OSV
added 2018/06/04 4:29 p.m.3 views

CVE-2016-10652

prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks...

8.1CVSS5.8AI score0.00546EPSS
Exploits0References1
NVD
NVD
added 2018/06/04 4:29 p.m.26 views

CVE-2016-10645

grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binary if the attacker is on...

9.3CVSS8.3AI score0.01682EPSS
Exploits0References1
OSV
OSV
added 2018/05/26 6:29 p.m.4 views

DEBIAN-CVE-2018-11489

The DGifDecompressLine function in dgiflib.c in GIFLIB possibly version 3.0.x, as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact...

8.8CVSS7.1AI score0.02591EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/21 12:0 a.m.1 views

ImageMagick infinite loop vulnerability (CNVD-2018-12308)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. An infinite loop vulnerability exists in ReadMIFFImage in coders/miff.c in ImageMagick 7.0.7-16 Q16 x8664 2017-12-22. An attacker can exploit this vulnerability to cau...

7.1CVSS7.2AI score0.02241EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/21 12:0 a.m.1 views

ImageMagick Infinite Loop Vulnerability

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. An infinite loop vulnerability exists in the ReadTXTImage function in coders/txt.c in ImageMagick 7.0.7-16 Q16 x8664 2017-12-22. An attacker can exploit this...

7.1CVSS7.3AI score0.02352EPSS
Exploits1References1
Fedora
Fedora
added 2018/05/16 1:7 p.m.34 views

[SECURITY] Fedora 28 Update: leptonica-1.76.0-1.fc28

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS1.4AI score0.03798EPSS
Exploits1
OSV
OSV
added 2018/05/08 12:0 a.m.1 views

UBUNTU-CVE-2018-10804

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c...

6.5CVSS7.3AI score0.02045EPSS
Exploits0References3
Fedora
Fedora
added 2018/05/04 8:19 a.m.31 views

[SECURITY] Fedora 27 Update: opencv-3.2.0-15.fc27

OpenCV means Intel=EF=BF=BD=EF=BF=BD Open Source Computer Vision Library. I t is a collection of C functions and a few C++ classes that implement some popular Image Process ing and Computer Vision algorithms...

8.8CVSS3AI score0.03235EPSS
Exploits1
Fedora
Fedora
added 2018/05/03 3:23 p.m.23 views

[SECURITY] Fedora 26 Update: opencv-3.2.0-15.fc26

OpenCV means Intel=EF=BF=BD=EF=BF=BD Open Source Computer Vision Library. I t is a collection of C functions and a few C++ classes that implement some popular Image Process ing and Computer Vision algorithms...

8.8CVSS3AI score0.03235EPSS
Exploits1
CNVD
CNVD
added 2018/04/16 12:0 a.m.1 views

Denial of Service Vulnerability in Good Photo Image Processing Software for Processing BMP Images

Good Photo is a multi-platform professional-grade image processing software developed by Chengdu Hengtu Technology Co. A memory corruption vulnerability exists in the processing of BMP images by Good Photo image processing software. An attacker can cause the program to crash by constructing a...

7.9AI score
Exploits0
Rows per page
Query Builder