15 matches found
CVE-2026-44899
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as numre = re.compiler"^\d+?:.\d?". When the validated value is not a plain integer, renderblockimage inserts it directly int...
mistune 跨站脚本漏洞
Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Image directive plugin using regular expressions that only matched prefixes to validate the wid...
SUSE CVE-2025-65834
Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...
CVE-2025-65834
Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...
Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2019-2426)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-14596
wancms 1.0 through 5.0 allows remote attackers to cause a denial of service resource consumption via a checkcode aka verification code URI in which the values of fontsize, width, and height are large numbers...
USN-3380-1 freerdp vulnerabilities
It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. CVE-2014-0250 It was discovered...
CVE-2017-7696
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service memory consumption via large values in the width and height parameters to otplogonuiresources/qr, aka SAP Security Note 2389042...
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
ALPINE-CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
CVE-2016-6912
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
DEBIAN-CVE-2007-6277
Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...