Lucene search
K

160 matches found

Positive Technologies
Positive Technologies
added 2022/01/02 12:0 a.m.3 views

PT-2022-4819

Name of the Vulnerable Software and Affected Versions Blender versions 2.93.8 through 3.x Description The issue is related to a missing bounds check in the image loader, leading to out-of-bounds heap access. This allows an attacker to cause denial of service, memory corruption, or potentially cod...

7.8CVSS7.4AI score0.01135EPSS
Exploits0References34
CNNVD
CNNVD
added 2021/10/21 12:0 a.m.15 views

stb 安全漏洞

stb is a single-file public domain library for C/C. stbimage.h is one of the image loaders. stb stbimage.h is vulnerable, and an attacker could use stbimage to crash the service or read up to 1024 bytes of non-contiguous heap data without controlling where it is read...

7.1CVSS5.5AI score0.0136EPSS
Exploits1References15
OSV
OSV
added 2021/07/07 10:15 p.m.2 views

DEBIAN-CVE-2021-21775

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...

8CVSS6.9AI score0.0127EPSS
Exploits1References1
OSV
OSV
added 2021/07/07 10:15 p.m.2 views

UBUNTU-CVE-2021-21775

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked in...

8CVSS6.8AI score0.0127EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/06/02 12:0 a.m.2 views

WebKit WebKitGTK 资源管理错误漏洞

WebKitGTK+ is a full-featured port of the WebKit engine and includes all of WebKit's features. A resource management error vulnerability exists in Webkit WebKitGTK, which stems from a problem with the way certain events are handled by the ImageLoader image loading object in Webkit WebKitGTK 2.30....

8CVSS6.8AI score0.0127EPSS
Exploits1References20
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.7 views

Godot Input Validation Error Vulnerability

Godot is a cross-platform game engine. The engine supports the creation of 2D and 3D games through a unified interface. An input validation error vulnerability exists in Godot v3.2, which stems from a dynamic stack buffer overflow caused by the ImageLoaderTGA: loadimage line. Depending on the...

7.8CVSS6.3AI score0.01505EPSS
Exploits0References3
OSV
OSV
added 2019/12/29 7:15 p.m.2 views

UBUNTU-CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

6.5CVSS6.6AI score0.00935EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/12/13 1:5 a.m.27 views

CVE-2019-19777

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain...

8.9AI score0.01404EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/12/13 12:0 a.m.3 views

PT-2019-15952 · Stb +1 · Stb Image.H +1

Name of the Vulnerable Software and Affected Versions: stb image.h aka the stb image loader version 2.23 Description: The issue is a heap-based buffer over-read in the stbi load main function. This problem affects products that use the stb image loader, including libsixel. Recommendations: For...

9.8CVSS5.7AI score0.01501EPSS
Exploits21References60
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.14 views

The vulnerability of the image loading module in the software suite for creating 3D computer graphics in Blender arises from a numerical overflow condition. This allows an attacker to execute arbitrary code.

The vulnerability of the image loading module in Blender’s 3D computer graphics software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious .blend file...

7.8CVSS7.9AI score0.0265EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2019/08/14 9:15 p.m.10 views

CVE-2019-15058

stbimage.h aka the stb image loader 2.23 has a heap-based buffer over-read in stbitgaload, leading to Information Disclosure or Denial of Service...

9.1CVSS6.7AI score0.02796EPSS
Exploits1References6
CVE
CVE
added 2019/08/14 8:30 p.m.65 views

CVE-2019-15058

CVE-2019-15058 affects stb_image.h (stb_image loader) version 2.23. A heap-based buffer over-read in stbi__tga_load leads to Information Disclosure or Denial of Service. Documented impact includes possibly exposing data or causing service disruption. Exploitation details are not provided in the s...

9.1CVSS9AI score0.02796EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2019/08/14 8:30 p.m.22 views

CVE-2019-15058

stbimage.h aka the stb image loader 2.23 has a heap-based buffer over-read in stbitgaload, leading to Information Disclosure or Denial of Service...

9.1CVSS9.2AI score0.02796EPSS
Exploits1
OSV
OSV
added 2019/07/03 7:15 p.m.3 views

DEBIAN-CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

8.8CVSS8AI score0.04043EPSS
Exploits1References1
OSV
OSV
added 2019/05/20 5:29 p.m.0 views

DEBIAN-CVE-2019-12218

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a NULL pointer dereference in the SDL2image function IMGLoadPCXRW at IMGpcx.c...

6.5CVSS7AI score0.01957EPSS
Exploits1References1
OSV
OSV
added 2018/12/28 12:0 a.m.2 views

UBUNTU-CVE-2018-20548

There is an illegal WRITE memory access at common-image.c function loadimage in libcaca 0.99.beta19 for 1bpp data...

8.8CVSS5.8AI score0.01806EPSS
Exploits1References6
OSV
OSV
added 2018/04/24 7:29 p.m.4 views

UBUNTU-CVE-2017-2903

An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

8.8CVSS7.7AI score0.01995EPSS
Exploits1References4
OSV
OSV
added 2018/04/24 7:29 p.m.9 views

UBUNTU-CVE-2017-2899

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

8.8CVSS7.7AI score0.01824EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/01/16 12:0 a.m.41 views

Debian DSA-4088-1 : gdk-pixbuf - security update

It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this...

8.8CVSS7AI score0.02021EPSS
Exploits3References8
Debian
Debian
added 2018/01/15 7:59 p.m.37 views

[SECURITY] [DSA 4088-1] gdk-pixbuf security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4088-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 15, 2018 https://www.debian.org/security/faq -...

8.8CVSS7.3AI score0.02021EPSS
Exploits3
Rows per page
Query Builder