Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61 matches found

Prion
Prionadded 2017/09/28 1:29 a.m.10 views

Integer overflow

The hevcwriteframe function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service integer underflow and application crash or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copyCTBtohv in hevcfilter.c in libavcodec in...

6.8CVSS8.9AI score0.01522EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2017/09/28 12:0 a.m.1 views

libbpg Denial of Service Vulnerability (CNVD-2017-34777)

libbpg is a new type of image format library. A security vulnerability exists in the 'hevcwriteframe' function of the libbpg.c file in libbpg version 0.9.7. A remote attacker can exploit this vulnerability to cause a denial of service out-of-bounds read and application crash with the help of a...

8.8CVSS6.7AI score0.01343EPSS
Exploits1References1
Cvelist
Cvelistadded 2017/09/27 5:0 p.m.25 views

CVE-2017-14796

The hevcwriteframe function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service integer underflow and application crash or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copyCTBtohv in hevcfilter.c in libavcodec in...

9AI score0.01522EPSS
Exploits1References1
CNVD
CNVDadded 2017/09/26 12:0 a.m.1 views

libbpg Denial of Service Vulnerability (CNVD-2017-34973)

libbpg is a new type of image format library. A security vulnerability exists in the 'buildmsps' function of the libbpg.c file in libbpg version 0.9.7. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer overflow and application crash with the help of a...

8.8CVSS7.2AI score0.01576EPSS
Exploits1References1
OSV
OSVadded 2017/09/25 9:29 p.m.1 views

CVE-2017-14734

The buildmsps function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted BPG file, related to hevcdecodeinit1...

8.8CVSS6.1AI score0.01576EPSS
Exploits1References1
CNVD
CNVDadded 2017/03/02 12:0 a.m.3 views

Libbpg library integer overflow vulnerability

Libbpg library is a new image format library. An integer overflow vulnerability exists in the BPG image decoding process in Libbpg library versions 0.9.4 and 0.9.7. An attacker can exploit this vulnerability to execute code with specially crafted BPG images...

7.8CVSS7.6AI score0.03388EPSS
Exploits2References1
OSV
OSVadded 2017/01/26 9:59 p.m.2 views

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

7.8CVSS6AI score
Exploits0References2
Prion
Prionadded 2017/01/26 9:59 p.m.14 views

Heap overflow

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

6.8CVSS7.9AI score0.03388EPSS
Exploits2References2Affected Software1
NVD
NVDadded 2017/01/26 9:59 p.m.21 views

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

7.8CVSS7.8AI score0.03388EPSS
Exploits2References2
Cvelist
Cvelistadded 2017/01/26 9:0 p.m.23 views

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

7.5CVSS7.9AI score0.03388EPSS
Exploits2References2
CVE
CVEadded 2017/01/26 9:0 p.m.56 views

CVE-2016-8710

CVE-2016-8710 is a heap-write-out-of-bounds vulnerability in Libbpg’s BPG image decoding. The issue arises in the HEVC decoding path (restore_tqb_pixels) due to an integer underflow that allows out-of-bounds writes to heap memory, potentially enabling remote code execution when processing a craft...

7.8CVSS7.8AI score0.03388EPSS
Exploits2References2Affected Software1
Debian CVE
Debian CVEadded 2017/01/26 9:0 p.m.22 views

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

7.8CVSS7.9AI score0.03388EPSS
Exploits2
Positive Technologies
Positive Technologiesadded 2017/01/26 12:0 a.m.4 views

PT-2017-9753 · Libbpg +1 · Libbpg +1

Name of the Vulnerable Software and Affected Versions: Libbpg library affected versions not specified Description: A heap write out of bounds vulnerability exists in the decoding of BPG images in the Libbpg library. Decoding a crafted BPG image can cause an integer underflow vulnerability, leadin...

8.8CVSS7.6AI score0.03388EPSS
Exploits8References19
OSV
OSVadded 2016/07/15 6:59 p.m.1 views

CVE-2016-5637

The restoretqbpixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquantbypassenableflag value, which allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via a crafted BPG image, related to a "type confusion" issue...

8.8CVSS6.1AI score0.02861EPSS
Exploits0References2
Prion
Prionadded 2016/07/15 6:59 p.m.15 views

Type confusion

The restoretqbpixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquantbypassenableflag value, which allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via a crafted BPG image, related to a "type confusion" issue...

6.8CVSS8.3AI score0.02861EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2006/11/26 10:7 p.m.13 views

CVE-2006-6110

Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System product allow remote attackers to execute arbitrary SQL commands via the 1 vjob parameter in publicationslist.asp or 2 InfoID parameter in publicationview.asp...

7.5CVSS8.6AI score0.01125EPSS
Exploits1References3
Cvelist
Cvelistadded 2006/11/26 10:0 p.m.16 views

CVE-2006-6110

Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System product allow remote attackers to execute arbitrary SQL commands via the 1 vjob parameter in publicationslist.asp or 2 InfoID parameter in publicationview.asp...

8.6AI score0.01125EPSS
Exploits1References3
CVE
CVEadded 2006/11/26 10:0 p.m.46 views

CVE-2006-6110

CVE-2006-6110 describes multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System. The affected components are the web entry points publications_list.asp (parameter vjob) and publication_view.asp (parameter InfoID). Exploitation would allow remote attackers t...

7.5CVSS9AI score0.01125EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2006/11/24 5:7 p.m.14 views

CVE-2006-6072

SQL injection vulnerability in bpg/publicationslist.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...

7.5CVSS8.1AI score0.01051EPSS
Exploits0References3
CVE
CVEadded 2006/11/24 5:0 p.m.39 views

CVE-2006-6072

CVE-2006-6072: SQL injection in BPG-InfoTech Easy Publisher and Smart Publisher/Pro 2.7.7 via the vjob parameter in bpg/publications_list.asp. Root cause: unsafe SQL construction allowing remote execution of arbitrary commands. Impact: remote attacker could execute arbitrary SQL, with partial con...

7.5CVSS8.5AI score0.01051EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder