Lucene search
+L

408 matches found

osv
osv
added 2023/05/15 8:59 a.m.5 views

SUSE-SU-2023:2195-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2023-1729: Fixed a heap buffer overflow when converting an image bsc1210720...

6.5CVSS6.8AI score0.01289EPSS
Exploits1References3
susecve
susecve
added 2023/02/15 5:49 a.m.4 views

SUSE CVE-2012-0447

Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an...

5CVSS8.8AI score0.01859EPSS
Exploits0References7
bdu_fstec
bdu_fstec
added 2022/11/28 12:0 a.m.9 views

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory. This allows attackers to disclose protected information.

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data outside of the buffer in memory...

5.5CVSS6.7AI score0.16374EPSS
Exploits0References6
talos
talos
added 2022/07/18 12:0 a.m.36 views

Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9.1AI score0.01793EPSS
Exploits1
osv
osv
added 2022/05/17 3:15 a.m.7 views

GHSA-9HCJ-H2QC-689P OpenStack Cinder file disclosure in image convert

OpenStack Cinder before 2014.1.5 icehouse, 2014.2.x before 2014.2.4 juno, and 2015.1.x before 2015.1.1 kilo allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command...

6.8CVSS5.9AI score0.02618EPSS
Exploits0References14
fedora
fedora
added 2022/05/16 2:7 a.m.28 views

[SECURITY] Fedora 35 Update: chafa-1.2.1-7.fc35

Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...

5.5CVSS5.5AI score0.00875EPSS
Exploits1
fedora
fedora
added 2022/05/16 1:45 a.m.28 views

[SECURITY] Fedora 34 Update: chafa-1.2.1-7.fc34

Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...

5.5CVSS5.5AI score0.00875EPSS
Exploits1
fedora
fedora
added 2022/04/28 5:55 a.m.31 views

[SECURITY] Fedora 34 Update: golang-github-appc-docker2aci-0.17.2-8.fc34

Docker2aci is a small library and CLI binary that converts Docker images to A CI. It takes as input either a file generated by "docker save" or a Docker regist ry URL. It gets all the layers of a Docker image and squashes them into an ACI image. Optionally, it can generate one ACI for each layer,...

7.5CVSS9.2AI score0.03931EPSS
Exploits0
fedora
fedora
added 2022/03/23 12:1 a.m.40 views

[SECURITY] Fedora 34 Update: libcaca-0.99-0.59.beta20.fc34

libcaca is the Colour AsCii Art library. It provides high level functions for color text drawing, simple primitives for line, polygon and ellipse drawing, as well as powerful image to text conversion routines...

8.8CVSS7.5AI score0.02389EPSS
Exploits9
fedora
fedora
added 2022/03/22 11:46 p.m.41 views

[SECURITY] Fedora 35 Update: libcaca-0.99-0.59.beta20.fc35

libcaca is the Colour AsCii Art library. It provides high level functions for color text drawing, simple primitives for line, polygon and ellipse drawing, as well as powerful image to text conversion routines...

8.8CVSS7.5AI score0.02389EPSS
Exploits9
talos
talos
added 2022/02/28 12:0 a.m.39 views

Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit d7f42a9a. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a...

9.3CVSS7.6AI score0.01268EPSS
Exploits1
talos
talos
added 2022/02/23 12:0 a.m.31 views

Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10 Product URLs...

9.8CVSS8.7AI score0.01494EPSS
Exploits1
fedora
fedora
added 2021/12/05 1:39 a.m.26 views

[SECURITY] Fedora 34 Update: kxstitch-2.1.1-6.fc34

KXStitch can be used to create cross stitch patterns from scratch. It is also possible to convert existing images to a cross stitch pattern or scan one with a Sane supported scanner...

6.6AI score0.0071EPSS
Exploits1
fedora
fedora
added 2021/12/05 1:39 a.m.24 views

[SECURITY] Fedora 34 Update: chafa-1.2.1-6.fc34

Chafa is a command-line utility that converts all kinds of images, including animated image formats like GIFs, into ANSI/Unicode character output that can be displayed in a terminal. It is highly configurable, with support for alpha transparency and multiple color modes and color spaces, combinin...

6.7AI score0.0071EPSS
Exploits1
fedora
fedora
added 2021/12/05 1:39 a.m.23 views

[SECURITY] Fedora 34 Update: converseen-0.9.9.2-2.fc34

Converseen is a batch image conversion tool and resizer written in C++ with Q t5 and Magick++. Converseen allows you to convert images in more than 100 different formats!...

6.6AI score0.0071EPSS
Exploits1
openvas
openvas
added 2021/12/05 12:0 a.m.12 views

Fedora: Security Advisory for converseen (FEDORA-2021-b58af96f33)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.0071EPSS
Exploits1References2
nvd
nvd
added 2021/11/23 8:15 p.m.20 views

CVE-2021-24641

The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...

8.1CVSS0.00519EPSS
Exploits2References1
prion
prion
added 2021/11/23 8:15 p.m.16 views

Cross site request forgery (csrf)

The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...

5.8CVSS8AI score0.00519EPSS
Exploits2References1Affected Software1
cve
cve
added 2021/11/23 7:16 p.m.51 views

CVE-2021-24641

CVE-2021-24641 affects the WordPress plugin Images to WebP (versions before 1.9). The vulnerability is a CSRF flaw in certain administrative actions that can lead to modification of plugin settings, Denial-of-Service, and arbitrary image conversion. The issue is documented across multiple sources...

8.1CVSS8.1AI score0.00519EPSS
Exploits2References1Affected Software1
cnnvd
cnnvd
added 2021/11/23 12:0 a.m.7 views

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin that stems from The Images to WebP...

8.1CVSS7.7AI score0.00519EPSS
Exploits2References2
Rows per page
Query Builder