10 matches found
DNG File Generator with Malformed Metadata
This Python script generates a custom DNG Digital Negative image file by manually constructing TIFF/DNG structures, including headers, Image File Directories IFDs, and metadata tags...
EUVD-2022-34738
Malicious code in bioql PyPI...
MCPMappingViewer 路径遍历漏洞
MCPMappingViewer is a small GUI for viewing the mapping from Minecraft obfuscated code names to MCP code names. A path traversal vulnerability exists in MCPMappingViewer. An attacker could use this vulnerability to perform incorrect operations to obtain sensitive information in file directories...
SCIFIO 路径遍历漏洞
SCIFIO is SCIFIO open source an extensible Java framework. Used to read and write images, especially N-dimensional scientific images. A path traversal vulnerability exists in SCIFIO. An attacker could use this vulnerability to perform incorrect operations to obtain sensitive information in file...
CVE-2022-2479
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page...
CVE-2022-2479
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page...
Directory Traversal
convert-svg-core is vulnerable to directory traversal. The vulnerability exists in Converter.js because the SVG tags are not properly sanitized which allows an attacker to access file directories via a specially crafted SVG file...
CVE-2021-25353
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent...
Design/Logic Flaw
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent...
Threat Roundup for September 14 to September 21
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...