Lucene search
K

232 matches found

Fedora
Fedora
added 2021/07/11 1:3 a.m.83 views

[SECURITY] Fedora 33 Update: djvulibre-3.5.27-28.fc33

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

5.5CVSS5.8AI score0.01055EPSS
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2021/04/14 1:0 a.m.31 views

Who has the fastest F1 website in 2021? Part 8

This is part 8 in a multi-part series looking at the loading performance of F1 websites. Not interested in F1? It shouldn't matter. This is just a performance review of 10 recently-built/updated sites that have broadly the same goal, but are built by different teams, and have different performanc...

6.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/08/19 3:40 p.m.26 views

CVE-2020-16304

A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. Mitigation Mitigation for this issue is either not available or the currently availabl...

5.5CVSS3.1AI score0.01931EPSS
Exploits1References3
OSV
OSV
added 2020/08/13 3:15 a.m.22 views

CVE-2020-16304

A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...

5.5CVSS6.3AI score
Exploits0References8
AlpineLinux
AlpineLinux
added 2020/08/13 2:9 a.m.41 views

CVE-2020-16304

A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...

5.5CVSS6.6AI score0.01931EPSS
Exploits1
Veracode
Veracode
added 2020/04/20 2:23 a.m.17 views

Cross-site Scripting (XSS)

svg2png is vulnerable to cross-site scripting XSS. The attack exists because it renders XML snippet using phantomjs directly into an image without sanitizing it, allowing an attacker to inject arbitrary script inside SVG document...

6.1CVSS4AI score0.007EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2020/04/10 1:9 a.m.19 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the...

9.3CVSS3.5AI score0.03522EPSS
Exploits0References13Affected Software3
Prion
Prion
added 2020/01/02 8:15 p.m.17 views

Heap overflow

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

7.5CVSS8.3AI score0.02494EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2020/01/02 7:34 p.m.14 views

CVE-2014-0011

Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...

9.8CVSS9AI score0.02494EPSS
Exploits1
OSV
OSV
added 2019/12/06 2:15 p.m.5 views

MGASA-2019-0364 Updated sdl2_image packages fix security vulnerabilities

Updated sdl2image packages fix security vulnerabilities: An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially...

8.8CVSS8.1AI score0.04515EPSS
Exploits10References3
Check Point Advisories
Check Point Advisories
added 2019/11/25 12:0 a.m.3 views

Grafana Labs Arbitrary File Read (CVE-2018-19039)

An information disclosure vulnerability exists in Grafana. This vulnerability is due to insufficient handling of direct link image rendering of HTML text panels. A remote, authenticated attacker can exploit the vulnerability by creating a crafted HTML text panel and requesting a direct link image...

4CVSS2AI score0.0728EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2019/09/05 12:0 a.m.103 views

Security update for SDL_image (moderate)

openSUSE Security Update: Security update for SDLimage Announcement ID: openSUSE-SU-2019:2071-1 Rating: moderate References: 1124827 1140421 1141844 1143763 1143764 1143766 1143768 Cross-References: CVE-2019-13616 CVE-2019-5052 CVE-2019-5057 CVE-2019-5058 CVE-2019-5059 CVE-2019-5060 CVE-2019-7635...

8.8CVSS7.4AI score0.04515EPSS
Exploits4References7
OSV
OSV
added 2019/07/31 5:15 p.m.22 views

CVE-2019-5059

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...

8.8CVSS7.4AI score
Exploits0References5
NVD
NVD
added 2019/07/31 5:15 p.m.22 views

CVE-2019-5057

An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8CVSS8.8AI score0.03616EPSS
Exploits0References5
NVD
NVD
added 2019/07/31 5:15 p.m.16 views

CVE-2019-5060

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...

8.8CVSS9.1AI score0.04043EPSS
Exploits1References5
OSV
OSV
added 2019/07/31 5:15 p.m.4 views

ALPINE-CVE-2019-5059

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...

8.8CVSS8.2AI score0.03616EPSS
Exploits0References1
OSV
OSV
added 2019/07/31 5:15 p.m.3 views

DEBIAN-CVE-2019-5060

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...

8.8CVSS8.4AI score0.04043EPSS
Exploits1References1
OSV
OSV
added 2019/07/31 5:15 p.m.1 views

ALPINE-CVE-2019-5060

An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...

8.8CVSS8.4AI score0.04043EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/07/31 5:15 p.m.23 views

CVE-2019-5058

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8CVSS7.6AI score0.03616EPSS
Exploits0References2
Prion
Prion
added 2019/07/31 5:15 p.m.16 views

Integer overflow

An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...

6.8CVSS8.8AI score0.03616EPSS
Exploits0References5Affected Software3
Rows per page
Query Builder