CVE-2017-11538

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage function in coders/png.c...

CVE-2017-11533

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage function in coders/uil.c...

CVE-2017-11532

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage function in coders/mpc.c...

CVE-2017-11535

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...

CVE-2017-11538

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage function in coders/png.c...

CVE-2017-11535

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...

CVE-2017-11533

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage function in coders/uil.c...

UBUNTU-CVE-2017-11537

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception FPE in the WritePALMImage function in coders/palm.c, related to an incorrect bits-per-pixel calculation...

SWFTools Denial of Service Vulnerability (CNVD-2017-15103)

SWFTools is a utility toolset for working with Adobe Flash files SWF files. A denial of service vulnerability exists in the 'wavconvert2mono' function in the lib/wav.c file in SWFTools version 0.9.2. An attacker can exploit this vulnerability to cause a denial of service crash...

CVE-2017-11099

When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wavconvert2mono function in lib/wav.c...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:1773-1)

This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p-question dereferencing that could lead to resolved aborting bsc1040614 The update also fixed several non-security bugs : - core/mount: Use the '-c' flag to not canonicalize pat...

Memory out-of-bounds write vulnerability in WPS Text WordConvertDll module

WPS is an office software developed by Kingsoft Office Software. A memory out-of-bounds write vulnerability exists in the WPS text WordConvertDll module. The vulnerability is caused due to the program failing to validate the buffer length when the user uses the Traditional and Simplified Conversi...

EulerOS 2.0 SP1 : mercurial (EulerOS-SA-2016-1019)

According to the versions of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository...

DEBIAN-CVE-2016-7407

The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file...

PHP Denial of Service Vulnerability (CNVD-2017-01934)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

Integer overflow

The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1...

UBUNTU-CVE-2016-10158

The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1...

PT-2018-5098 · Openjpeg +3 · Openjpeg +3

Name of the Vulnerable Software and Affected Versions: openjpeg version 2.1.2 Description: A heap buffer overflow issue was discovered due to an infinite loop vulnerability in the tiftoimage component of openjpeg, specifically affecting the convert 32s C1P1 function. Recommendations: For openjpeg...

CVE-2016-8707

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered...

Remote code execution

An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered...