Lucene search
K

203 matches found

RedHat Linux
RedHat Linux
added 2022/01/27 2:14 p.m.4 views

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.03486EPSS
Exploits0References4
Veracode
Veracode
added 2021/11/13 12:40 a.m.26 views

Integer Overflow

autotrace is vulnerable integer overflows. A biWidthbiBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image resulting in a system hang...

3.3CVSS6.1AI score0.01019EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2021/11/11 6:30 p.m.2 views

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.06322EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:25 p.m.4 views

autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

7.8CVSS5.8AI score0.00965EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 6:25 p.m.4 views

autotrace: integer overflow in input-bmp.c

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3CVSS5.9AI score0.01019EPSS
Exploits0References4
OSV
OSV
added 2021/11/03 5:15 p.m.1 views

DEBIAN-CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

5.5CVSS5.7AI score0.00871EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/11/03 5:15 p.m.4 views

CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

5.5CVSS6.3AI score0.00871EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/10/25 12:24 p.m.10 views

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

5.3CVSS6.9AI score0.06322EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2021/03/31 10:3 a.m.24 views

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3CVSS6.5AI score0.01019EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.4 views

ONLYOFFICE Document Server 缓冲区错误漏洞

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A buffer overflow vulnerability exists in the BMP image processing of the ONLYOFFICE Document Server core module, which can be exploited by an attacke...

9.8CVSS9.1AI score0.1259EPSS
Exploits1References7
OSV
OSV
added 2021/02/11 9:15 p.m.16 views

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

3.3CVSS6.8AI score
Exploits0References4
NVD
NVD
added 2021/02/11 9:15 p.m.18 views

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3CVSS0.01019EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/02/11 9:15 p.m.4 views

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

7.8CVSS8AI score0.02228EPSS
Exploits0References5
Prion
Prion
added 2021/02/11 9:15 p.m.16 views

Integer overflow

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3CVSS5.4AI score0.01019EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCve
added 2021/02/11 9:15 p.m.29 views

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3CVSS6.8AI score0.01019EPSS
Exploits0References4
Prion
Prion
added 2021/02/11 9:15 p.m.19 views

Double free

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

6.8CVSS7.3AI score0.02228EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/02/11 8:8 p.m.20 views

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

7.4AI score0.00965EPSS
Exploits0References3
CVE
CVE
added 2021/02/11 8:8 p.m.133 views

CVE-2019-19005

CVE-2019-19005 affects autotrace 0.31.1 (bitmap processing). The vulnerability is described as a bitmap double free in main.c, potentially leading to unspecified impact after a prior use-after-free in CVE-2017-9182. The connected Nessus entries corroborate that autotrace 0.31.1 is vulnerable and ...

7.8CVSS7.4AI score0.00965EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/02/11 8:8 p.m.24 views

CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

5.4AI score0.01019EPSS
Exploits0References4
CVE
CVE
added 2021/02/11 8:8 p.m.91 views

CVE-2019-19004

CVE-2019-19004 affects autotrace 0.31.1: an integer overflow (biWidth*biBitCnt) in input-bmp.c can cause a malformed value to be passed to malloc via a BMP image. The vulnerability is part of multiple autotrace issues (also cited as CVE-2019-19005 and CVE-2022-32323 in related advisories). Impact...

4.3CVSS5.2AI score0.01019EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder