408 matches found
SUSE-SU-2023:2195-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2023-1729: Fixed a heap buffer overflow when converting an image bsc1210720...
SUSE CVE-2012-0447
Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an...
The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory. This allows attackers to disclose protected information.
The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data outside of the buffer in memory...
Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability
Summary An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...
GHSA-9HCJ-H2QC-689P OpenStack Cinder file disclosure in image convert
OpenStack Cinder before 2014.1.5 icehouse, 2014.2.x before 2014.2.4 juno, and 2015.1.x before 2015.1.1 kilo allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command...
[SECURITY] Fedora 35 Update: chafa-1.2.1-7.fc35
Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...
[SECURITY] Fedora 34 Update: chafa-1.2.1-7.fc34
Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...
[SECURITY] Fedora 34 Update: golang-github-appc-docker2aci-0.17.2-8.fc34
Docker2aci is a small library and CLI binary that converts Docker images to A CI. It takes as input either a file generated by "docker save" or a Docker regist ry URL. It gets all the layers of a Docker image and squashes them into an ACI image. Optionally, it can generate one ACI for each layer,...
[SECURITY] Fedora 34 Update: libcaca-0.99-0.59.beta20.fc34
libcaca is the Colour AsCii Art library. It provides high level functions for color text drawing, simple primitives for line, polygon and ellipse drawing, as well as powerful image to text conversion routines...
[SECURITY] Fedora 35 Update: libcaca-0.99-0.59.beta20.fc35
libcaca is the Colour AsCii Art library. It provides high level functions for color text drawing, simple primitives for line, polygon and ellipse drawing, as well as powerful image to text conversion routines...
Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability
Summary An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit d7f42a9a. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a...
Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10 Product URLs...
[SECURITY] Fedora 34 Update: kxstitch-2.1.1-6.fc34
KXStitch can be used to create cross stitch patterns from scratch. It is also possible to convert existing images to a cross stitch pattern or scan one with a Sane supported scanner...
[SECURITY] Fedora 34 Update: chafa-1.2.1-6.fc34
Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...
[SECURITY] Fedora 34 Update: converseen-0.9.9.2-2.fc34
Converseen is a batch image conversion tool and resizer written in C++ with Q t5 and Magick++. Converseen allows you to convert images in more than 100 different formats!...
Fedora: Security Advisory for converseen (FEDORA-2021-b58af96f33)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-24641
The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...
Cross site request forgery (csrf)
The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...
CVE-2021-24641
CVE-2021-24641 affects the WordPress plugin Images to WebP (versions before 1.9). The vulnerability is a CSRF flaw in certain administrative actions that can lead to modification of plugin settings, Denial-of-Service, and arbitrary image conversion. The issue is documented across multiple sources...
WordPress 跨站请求伪造漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin that stems from The Images to WebP...