CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159C185 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

CVE-2019-5305

CVE-2019-5305 affects the image processing module on some Huawei Mate 10 devices (before ALP-L29 9.0.0.159). The root cause is a memory double-free vulnerability that can be triggered when a user installs a malicious app and it calls a specific API, potentially leading to a system crash. Public d...

The vulnerability of the LibRaw::kodak_ycbcr_load_raw function in the LibRaw image processing library, which is related to buffer overflow attacks, allows attackers to cause a service failure.

The vulnerability of the LibRaw::kodakycbcrloadraw function in the image processing library LibRaw is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause a service failure...

Remote Code Execution (RCE)

Typo3/Cms is vulnerable to remote code execution. Improper configuration of the applications used for image processing allows an attacker to execute arbitrary code on the server by uploading a malicious image file containing PostScript code...

TYPO3 Multiple Vulnerabilities (TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if description...

Remote code execution

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick...

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

Possible Arbitrary Code Execution in Image Processing

More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...

Fedora Update for leptonica FEDORA-2018-4db33b3753

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Possible Arbitrary Code Execution in Image Processing

Image processing, e.g. for generating thumbnails, is actually delegated to ImageMagick or GraphicsMagick for the low-level processing. Whenever ImageMagick is invoked in order to convert data the mime-type of the source is identified for invoking according coders when reading data. In case an...

Memory Corruption

OpenJDK 7 Java Runtime Environment and OpenJDK 7 Software Development Kit is vulnerable to memory corruption. It is due to an insufficient "validation of images" in share/native/sun/awt/image/awtImageRep.c, possibly involving offsets, causing 2D component to not properly process certain images...

ImageMagick heap buffer overflow vulnerability (CNVD-2019-14255)

ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio A heap buffer overflow vulnerability exists in the 'WriteTIFFImage' function ...

Design/Logic Flaw

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

CVE-2019-6601

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager AAM wamd process used in processing of images and PDFs fails to drop group permissions when executing helper scripts...

SQL VSS writer fails for SQL localdb on Azure AD Connect Sync server.

Challenge Backup or replication jobs with Application Aware Image-Processing enabled may fail on the server hosting Azure AD Connect Sync with an error indicating the SQL writer has failed. After the job has failed, running "Vssadmin list writers" from an administrative command prompt on the Azur...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GD vulnerabilities (USN-3900-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3900-1 advisory. It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with ...

USN-3900-1: GD vulnerabilities

It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code...

PYSEC-2019-248

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

AdvanceCOMP Invalid Memory Access Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. An invalid memory access vulnerability exists in the advpngunfilter8 function in png.c in AdvanceCOMP 2.1. An attacker can exploit this vulnerability to cause a denial of service segmentation error or possibly other impac...