232 matches found
[SECURITY] Fedora 33 Update: djvulibre-3.5.27-28.fc33
DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...
Who has the fastest F1 website in 2021? Part 8
This is part 8 in a multi-part series looking at the loading performance of F1 websites. Not interested in F1? It shouldn't matter. This is just a performance review of 10 recently-built/updated sites that have broadly the same goal, but are built by different teams, and have different performanc...
CVE-2020-16304
A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. Mitigation Mitigation for this issue is either not available or the currently availabl...
CVE-2020-16304
A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...
CVE-2020-16304
A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...
Cross-site Scripting (XSS)
svg2png is vulnerable to cross-site scripting XSS. The attack exists because it renders XML snippet using phantomjs directly into an image without sanitizing it, allowing an attacker to inject arbitrary script inside SVG document...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the...
Heap overflow
Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...
CVE-2014-0011
Multiple heap-based buffer overflows in the ZRLEDECODE function in common/rfb/zrleDecode.h in TigerVNC before 1.3.1, when NDEBUG is enabled, allow remote VNC servers to cause a denial of service vncviewer crash and possibly execute arbitrary code via vectors related to screen image rendering...
MGASA-2019-0364 Updated sdl2_image packages fix security vulnerabilities
Updated sdl2image packages fix security vulnerabilities: An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially...
Grafana Labs Arbitrary File Read (CVE-2018-19039)
An information disclosure vulnerability exists in Grafana. This vulnerability is due to insufficient handling of direct link image rendering of HTML text panels. A remote, authenticated attacker can exploit the vulnerability by creating a crafted HTML text panel and requesting a direct link image...
Security update for SDL_image (moderate)
openSUSE Security Update: Security update for SDLimage Announcement ID: openSUSE-SU-2019:2071-1 Rating: moderate References: 1124827 1140421 1141844 1143763 1143764 1143766 1143768 Cross-References: CVE-2019-13616 CVE-2019-5052 CVE-2019-5057 CVE-2019-5058 CVE-2019-5059 CVE-2019-5060 CVE-2019-7635...
CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...
CVE-2019-5057
An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
ALPINE-CVE-2019-5059
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...
DEBIAN-CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
ALPINE-CVE-2019-5060
An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a heap...
CVE-2019-5058
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
Integer overflow
An exploitable code execution vulnerability exists in the XPM image rendering functionality of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow, allocating too small of a buffer. This buffer can then be written out of bounds resulting in a heap overflow, ultimately...