19 matches found
CVE-2022-50399
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in sh_css_set_black_frame(). The "height" and "width" values come from the user so the "height * width" multiplication can overflow...
CVE-2022-50399 media: atomisp: prevent integer overflow in sh_css_set_black_frame()
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in sh_css_set_black_frame(). The "height" and "width" values come from the user so the "height * width" multiplication can overflow...
CVE-2024-6181
A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32. The manipulation of the argument height/width leads to cross site scripting. The...
CVE-2024-6058
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&iframename=list&crc=crc1701669816260. The manipulation of the argument height/width leads to cross site scripting. It is...
CVE-2024-6181
A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This vulnerability affects unknown code of the file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32. The manipulation of the argument height/width leads to cross site...
PT-2024-37352 · Labvantage · Labvantage Lims
Name of the Vulnerable Software and Affected Versions: LabVantage LIMS version 2017 Description: A problematic vulnerability has been found in LabVantage LIMS, affecting an unknown part of the file "/labvantage/rc?command=page&page=SampleHistoricalList&iframename=list&crc=crc1701669816260". Th...
LabVantage Solutions LIMS Cross-Site Scripting Vulnerability
LabVantage Solutions LIMS is a laboratory information management system from LabVantage Solutions, USA. A cross-site scripting vulnerability exists in LabVantage Solutions LIMS version 2017 that stems from incorrect manipulation of the parameters height/width resulting in cross-site scripting...
Google TensorFlow Input Validation Error Vulnerability
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, USA. An input validation error vulnerability exists in Google TensorFlow version 2.12 prior to 2.12.0 and version 2.11 prior to 2.11.1, which stems from an integer overflow that occurs when "2^31 <=...
CVE-2023-25667
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 <= num_frames * height * width * channels < 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
SUSE CVE-2011-0596
The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which trigger...
SUSE CVE-2018-12359
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60,...
CVE-2022-40839
A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data...
Mapbox Input Validation Error Vulnerability
Mapbox is a location data platform for mobile and Web applications from Mapbox, Inc. A buffer overflow vulnerability exists in versions prior to Mapbox gl-native 10.6.1, which stems from excessive image height and width values when creating new images, and can be exploited to cause Mapbox process...
DEBIAN-CVE-2019-20788
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690...
poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...
libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function
A flaw was found in libvncserver in versions through 0.9.12. A large height or width value may cause an integer overflow or a heap-based buffer overflow. The highest threat from this vulnerability is to system availability...
FFmpeg destroy_buffers Denial of Service Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'destroy_buffers' function in the libavcodec/sanm.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to correctly...
RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within the RV10 encoded data in the rv10.dll component...
Real Networks RealPlayer < 15.0.2.72 Multiple Vulnerabilities