Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

auto-cve-2022-44268 Automating expl...

USN-6202-1: containerd vulnerabilities

David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. CVE-2023-25153 It was discovered that containerd incorrectly set up...

USN-6202-1 containerd vulnerabilities

David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. CVE-2023-25153 It was discovered that containerd incorrectly set up...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32372

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory...

CVE-2023-32372

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory...

CVE-2023-32372

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory...

Input validation

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-32372

CVE-2023-32372 is an Apple vulnerability: an out-of-bounds read in ImageIO was addressed by improved input validation. Affected software includes iOS 16.5 and iPadOS 16.5 (and related Apple OSes such as watchOS 9.5, tvOS 16.5, macOS Ventura 13.4). The root cause is an out-of-bounds read while pro...

CVE-2023-32372

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory...

CVE-2023-32384

CVE-2023-32384 affects Apple operating systems including watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 15.7.6 and 16.5, and iPadOS 15.7.6 and 16.5. The issue is a buffer overflow triggered during image processing, with the root cause stated as improv...

OESA-2023-1350 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

SUSE CVE-2023-26965

loadImage in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image...

ROS-20230615-01

LibRaw image processing library vulnerability is related to heap buffer overflow in raw2imageex. Exploitation of the vulnerability could allow an attacker acting remotely to cause an application to application crash due to a maliciously crafted input file...

OESA-2023-1332 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

ImageMagick 命令注入漏洞

ImageMagick is a set of open-source image processing software from the American company ImageMagick. The software can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick, which stems from a shell command injection vulnerability...

USN-6110-1 Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS...

部分Apple产品 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in some Apple products, which stems from processing images that may lead to arbitrary code execution. The following products and versions are affected: watchOS before 9.5, tvOS...