OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

MiracleLinux 8 : python-pillow-5.1.1-16.el8 (AXSA:2021-2760:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2760:01 advisory. python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25288...

CVE-2025-54080 Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

Microsoft Office Malformed EPS File Vulnerability

Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image...

ALPINE-CVE-2021-28677

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could...

UBUNTU-CVE-2021-28677

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could...

PT-2021-4624 · Pillow +9 · Pillow +9

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: The issue is related to the readline implementation in the EPSImageFile component of the Pillow library. It uses a quadratic method to accumulate lines while searching for a line ending, which can b...

Hackers exploit CVE-2 0 1 5-2 5 4 5 exploits the global organization-vulnerability warning-the black bar safety net

Kaspersky Labthe global research and analysis teamGReAT in the pastseveral months, for different network attackgangfor the Asia-Pacific（APAC）andthe Far EastregiontheA series of cyber espionage attacks carried out monitoring, found that these attackstheone common feature: in order tousemalware...

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."...

Design/Logic Flaw

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."...

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."...

CVE-2015-2545

CVE-2015-2545 affects Microsoft Office (2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1) via a crafted EPS image that triggers memory corruption during EPS parsing, enabling remote code execution. FireEye details describe an EPS-encoded use-after-free in Office’s EPS handling (dict copy/forall flow) le...

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka “Microsoft Office Malformed EPS File Vulnerability.” Recent assessments: gwillcox-r7 at November 23, 2020 6:16pm UTC reported: Reported as exploited in the...

CVE-2015-2545

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."...