21 matches found

AstraLinux
added 2026/06/19 11:10 a.m. · 9 views

Astra Linux – Vulnerability in pillow

An issue was discovered in Pillow before version 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a denial-of-service attack on Image.open prior to Image.load...

CVSS 5.5 · AI score 5.8 · EPSS 0.0096
Exploits: 0 · References: 2

OSV
added 2024/02/27 6:31 p.m. · 6 views

USN-6644-2 tiff vulnerabilities

USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly u...

CVSS 7.5 · AI score 6.8 · EPSS 0.02187
Exploits: 1 · References: 4

0day.today
added 2023/04/03 12:0 a.m. · 231 views

Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting XSS Exploit Author: Sajibe Kanti Vendor Name: ActiveITzone Vendor Homepage: https://activeitzone.com/ Software Link: https://codecanyon.net/item/active-ecommerce-cms/23471405 Version: 6.5.0 Tested on: Live Centos & Litespeed...

AI score 6.8
Exploits: 0

Exploit DB
added 2023/04/03 12:0 a.m. · 164 views

Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS)

Exploit Title: Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting XSS Date: 19/01/2023 Exploit Author: Sajibe Kanti Vendor Name: ActiveITzone Vendor Homepage: https://activeitzone.com/ Software Link: https://codecanyon.net/item/active-ecommerce-cms/23471405 Version: 6.5.0 Tested on: Live...

AI score 7
Exploits: 0

OSV
added 2022/02/08 9:57 a.m. · 3 views

USN-5143-1 leptonlib vulnerability

It was discovered that Leptonica incorrectly handled certain image files. An attacker could possibly use this issue to execute arbitrary code or other unspecified impact...

CVSS 9.8 · AI score 7.6 · EPSS 0.02491
Exploits: 0 · References: 2

OSV
added 2022/01/17 1:14 p.m. · 5 views

USN-5227-2 pillow vulnerabilities

USN-5227-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

CVSS 9.8 · AI score 7 · EPSS 0.03399
Exploits: 1 · References: 6

OSV
added 2021/11/17 12:56 p.m. · 4 views

USN-5150-1 openexr vulnerability

It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash...

CVSS 6.5 · AI score 6.8 · EPSS 0.00291
Exploits: 0 · References: 2

OSV
added 2021/08/31 5:40 p.m. · 13 views

USN-5060-2 ntfs-3g vulnerabilities

USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that NTFS-3G incorrectly handled certain image files. An attacker could possibly use this issue to execute arbitrary co...

CVSS 7.8 · AI score 7 · EPSS 0.00487
Exploits: 0 · References: 2

OSV
added 2021/08/31 4:32 p.m. · 12 views

USN-5060-1 ntfs-3g vulnerabilities

It was discovered that NTFS-3G incorrectly handled certain image files. An attacker could possibly use this issue to execute arbitrary code...

CVSS 7.8 · AI score 7 · EPSS 0.00487
Exploits: 0 · References: 2

OSV
added 2021/08/17 5:31 p.m. · 2 views

USN-5043-1 exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622 It was discovered that Exiv2 incorrectly handled certain image files. An attacker could...

CVSS 5.5 · AI score 5.8 · EPSS 0.01109
Exploits: 0 · References: 12

Positive Technologies
added 2021/07/16 12:0 a.m. · 2 views

PT-2021-7872 · Offis +5 · Dcmtk +5

Name of the Vulnerable Software and Affected Versions: OFFIS DCMTK versions prior to 3.6.7 Description: The issue is related to a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-of-service condition. This vulnerability is associated with errors in...

CVSS 9.8 · AI score 6.9 · EPSS 0.07629
Exploits: 10 · References: 100

Cvelist
added 2020/08/04 2:14 p.m. · 18 views

CVE-2020-7823 DaviewIndy Multiple Vulnerabilities

DaviewIndy has a memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this for arbitrary code execution...

CVSS 7.8 · AI score 8.1 · EPSS 0.01177
Exploits: 0 · References: 2

OSV
added 2020/01/08 5:42 p.m. · 3 views

USN-4232-1 graphicsmagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

CVSS 8.8 · AI score 6.7 · EPSS 0.19193
Exploits: 9 · References: 12

OSV
added 2019/12/03 1:44 p.m. · 3 views

USN-4207-1 graphicsmagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

CVSS 9.8 · AI score 6.7 · EPSS 0.0377
Exploits: 9 · References: 14

OSV
added 2019/12/02 7:46 p.m. · 10 views

USN-4206-1 graphicsmagick vulnerabilities

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. CVE-2017-10794, CVE-2017-10799, CVE-2017-11102, CVE-2017-11140, CVE-2017-11403, CVE-2017-11636, CVE-2017-11637, CVE-2017-13147, CVE-2017-14042,...

CVSS 9.8 · AI score 6.7 · EPSS 0.2831
Exploits: 1 · References: 11

Tenable Nessus
added 2016/11/08 12:0 a.m. · 61 views

MS16-130: Security Update for Microsoft Windows (3199172)

The remote Windows host is missing a security update or security rollup. It is, therefore, affected by the following vulnerabilities: - A remote code execution vulnerability exists in the Windows image file handling functionality due to improper handling of image files. An unauthenticated, remot...

CVSS 9.3 · AI score 8.3 · EPSS 0.69829
Exploits: 0 · References: 4

OpenVAS
added 2015/10/08 12:0 a.m. · 28 views

Oracle: Security Advisory (ELSA-2007-0513)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8 · AI score 6.4 · EPSS 0.07169
Exploits: 0 · References: 2

Tenable Nessus
added 2014/09/30 12:0 a.m. · 42 views

Debian DSA-3039-1 : chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser. - CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. - CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium...

CVSS 10 · AI score 9.1 · EPSS 0.09758
Exploits: 0 · References: 36

Tenable Nessus
added 2012/04/03 12:0 a.m. · 32 views

IrfanView < 4.33 Boundary Error Multiple Image File Handling Remote Overflow

The remote Windows host contains a version of IrfanView earlier than 4.33. As such, it is reportedly affected by a heap-based buffer overflow vulnerability due to the way the application handles RLE compressed bitmap files. An attacker could trick a user into opening specially crafted DIB, RLE, o...

CVSS 6.8 · AI score 6.2 · EPSS 0.05733
Exploits: 0 · References: 3

exploitpack
added 2011/04/25 12:0 a.m. · 15 views

eyeOS 1.9.0.2 - Image File Handling HTML Injection

eyeOS 1.9.0.2 - Image File Handling HTML Injection source: https://www.securityfocus.com/bid/47629/info eyeOS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input passed through image content before using it in dynamically generated content...

Exploits: 0