160 matches found
PT-2022-4819
Name of the Vulnerable Software and Affected Versions Blender versions 2.93.8 through 3.x Description The issue is related to a missing bounds check in the image loader, leading to out-of-bounds heap access. This allows an attacker to cause denial of service, memory corruption, or potentially cod...
stb 安全漏洞
stb is a single-file public domain library for C/C. stbimage.h is one of the image loaders. stb stbimage.h is vulnerable, and an attacker could use stbimage to crash the service or read up to 1024 bytes of non-contiguous heap data without controlling where it is read...
DEBIAN-CVE-2021-21775
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...
UBUNTU-CVE-2021-21775
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...
WebKit WebKitGTK 资源管理错误漏洞
WebKitGTK+ is a full-featured port of the WebKit engine and includes all of WebKit's features. A resource management error vulnerability exists in Webkit WebKitGTK, which stems from a problem with the way certain events are handled by the ImageLoader image loading object in Webkit WebKitGTK 2.30....
Godot Input Validation Error Vulnerability
Godot is a cross-platform game engine. The engine supports the creation of 2D and 3D games through a unified interface. An input validation error vulnerability exists in Godot v3.2, which stems from a dynamic stack buffer overflow caused by the ImageLoaderTGA: loadimage line. Depending on the...
UBUNTU-CVE-2019-20056
stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...
CVE-2019-19777
stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain...
PT-2019-15952 · Stb +1 · Stb Image.H +1
Name of the Vulnerable Software and Affected Versions: stb image.h aka the stb image loader version 2.23 Description: The issue is a heap-based buffer over-read in the stbi load main function. This problem affects products that use the stb image loader, including libsixel. Recommendations: For...
The vulnerability of the image loading module in the software suite for creating 3D computer graphics in Blender arises from a numerical overflow condition. This allows an attacker to execute arbitrary code.
The vulnerability of the image loading module in Blender’s 3D computer graphics software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious .blend file...
CVE-2019-15058
stbimage.h aka the stb image loader 2.23 has a heap-based buffer over-read in stbitgaload, leading to Information Disclosure or Denial of Service...
CVE-2019-15058
CVE-2019-15058 affects stb_image.h (stb_image loader) version 2.23. A heap-based buffer over-read in stbi__tga_load leads to Information Disclosure or Denial of Service. Documented impact includes possibly exposing data or causing service disruption. Exploitation details are not provided in the s...
CVE-2019-15058
stbimage.h aka the stb image loader 2.23 has a heap-based buffer over-read in stbitgaload, leading to Information Disclosure or Denial of Service...
DEBIAN-CVE-2019-5051
An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...
DEBIAN-CVE-2019-12218
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL2image function IMGLoadPCXRW at IMGpcx.c...
UBUNTU-CVE-2018-20548
There is an illegal WRITE memory access at common-image.c function loadimage in libcaca 0.99.beta19 for 1bpp data...
UBUNTU-CVE-2017-2903
An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...
UBUNTU-CVE-2017-2899
An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...
Debian DSA-4088-1 : gdk-pixbuf - security update
It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this...
[SECURITY] [DSA 4088-1] gdk-pixbuf security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4088-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 15, 2018 https://www.debian.org/security/faq -...