Lucene search
K

170 matches found

susecve
susecve
added 2023/02/15 6:12 a.m.2 views

SUSE CVE-2007-2445

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...

5CVSS6.8AI score0.05115EPSS
Exploits1References5
susecve
susecve
added 2023/02/15 5:41 a.m.3 views

SUSE CVE-2013-0792

Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.colormanagement.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service memory corruption via a...

4.3CVSS8.5AI score0.01382EPSS
Exploits0References11
susecve
susecve
added 2023/02/15 4:12 a.m.4 views

SUSE CVE-2019-11598

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c...

5.1CVSS6.8AI score0.04057EPSS
Exploits1References9
susecve
susecve
added 2023/02/15 3:48 a.m.2 views

SUSE CVE-2021-3695

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...

7.5CVSS8.6AI score0.00462EPSS
Exploits0References25
nessus
nessus
added 2022/10/08 12:0 a.m.28 views

EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2022-2442)

According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer...

5.5CVSS7AI score0.01009EPSS
Exploits0References2
openvas
openvas
added 2022/09/14 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2022-2296)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.01009EPSS
Exploits0References2
nessus
nessus
added 2022/07/14 12:0 a.m.41 views

Oracle Linux 9 : grub2 (ELSA-2022-9596)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9596 advisory. - CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 - CVE-2021-3697 CVE-2021-3696 CVE-2021-3695 Tenable has extracted the preceding descripti...

8.1CVSS6.6AI score0.01284EPSS
Exploits0References9
ubuntucve
ubuntucve
added 2022/06/18 4:15 p.m.39 views

CVE-2021-46822

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c...

5.5CVSS7AI score0.01009EPSS
Exploits0References3
osv
osv
added 2022/06/18 4:15 p.m.4 views

UBUNTU-CVE-2021-46822

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c...

5.5CVSS7AI score0.01009EPSS
Exploits0References4
redhat
redhat
added 2022/06/16 3:49 p.m.5 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

4.5CVSS7.7AI score0.00462EPSS
Exploits0References4
redhat
redhat
added 2022/06/16 3:39 p.m.5 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

4.5CVSS7.7AI score0.00462EPSS
Exploits0References4
redhat
redhat
added 2022/06/16 3:26 p.m.4 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

4.5CVSS7.7AI score0.00462EPSS
Exploits0References4
redhat
redhat
added 2022/06/16 2:57 p.m.4 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

4.5CVSS7.7AI score0.00462EPSS
Exploits0References4
rocky
rocky
added 2022/06/16 1:10 p.m.51 views

grub2, mokutil, shim, and shim-unsigned-x64 security update

An update is available for grub2, shim, shim-unsigned-x64, mokutil. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the...

8.1CVSS7AI score0.01284EPSS
Exploits0
nessus
nessus
added 2022/06/16 12:0 a.m.41 views

RHEL 8 : grub2, mokutil, and shim (RHSA-2022:5098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5098 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.1CVSS7.1AI score0.01284EPSS
Exploits0References18
nessus
nessus
added 2022/06/16 12:0 a.m.105 views

RHEL 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RHSA-2022:5095)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5095 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.1CVSS7.1AI score0.01284EPSS
Exploits0References18
nvd
nvd
added 2022/06/15 12:15 p.m.18 views

CVE-2021-41413

ok-file-formats master 2021-9-12 is affected by a buffer overflow in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

7.8CVSS0.00811EPSS
Exploits1References2
attackerkb
attackerkb
added 2022/06/15 12:15 p.m.3 views

CVE-2021-41413

ok-file-formats master 2021-9-12 is affected by a buffer overflow in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

7.8CVSS7.4AI score0.00811EPSS
Exploits1References3
osv
osv
added 2022/06/15 12:15 p.m.9 views

CVE-2021-41413

ok-file-formats master 2021-9-12 is affected by a buffer overflow in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

7.8CVSS7.4AI score0.00811EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/06/15 12:0 a.m.4 views

ok-file-formats 安全漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and some other file formats. A security vulnerability exists in ok-file-formats master version 2021-9-12, which stems from a buffer overflow issue in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

7.8CVSS7.7AI score0.00811EPSS
Exploits1References3
Rows per page
Query Builder