SUSE CVE-2023-53560
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
UBUNTU-CVE-2023-53560
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
CVE-2023-53560 tracing/histograms: Add histograms to hist_vars if they have referenced variables
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...
K000156725: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2020-25663 A call to ConformPixelInfo in the SetImageAlphaChannel routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed or GetPixelBlue was called. This could occur if an attacker is able to submit ...
CLSA-2025-1758823373 libtiff: Fix of 2 CVEs
CVE-2025-8176: fix use after free vulnerability in get_histogram function that prevents proper scanline reading and processing in tools/tiffmedian.c - CVE-2025-8177: fix array overflow in thumbnail generation that could cause buffer overflow when processing malformed TIFF files in tools/thumbnail....
Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2025-1153)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1153 advisory. A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use...
Medium: libtiff
Issue Overview: A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been...
LibTIFF tiffmedian.c get_histogram use after free
...
postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...
Amazon Linux 2 : libtiff (ALAS-2025-2965)
The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2965 advisory. A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the functi...
ALPINE-CVE-2025-8713
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1957)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gpio: Restrict usage of GPIO chip irq members before initialization (CVE-2022-49072); mmc: core: use sysfs_emit instead of sprintf (CVE-2022-49267); ipv4:...
Linux Distros Unpatched Vulnerability : CVE-2025-8176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file...
Use After Free
libtiff.so is vulnerable to Use After Free. The vulnerability is due to improper memory handling in the get_histogram function of tools/tiffmedian.c, which can be exploited locally to execute arbitrary code...
SUSE CVE-2025-8176
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...
AZL-65981 CVE-2025-8176 affecting package libtiff for versions less than 4.6.0-8
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the get_histogram function when processing a specially crafted TIFF file. An attacker can cause memory corruption, causing a denial of service and potentially impacting confidentiality and integrity, by supplying a...
LibTIFF resource management error vulnerability
LibTIFF is an open source library for reading and writing TIFF (Tagged Image File Format) files. The library contains some command line tools for working with TIFF files. A resource management error vulnerability exists in LibTIFF version 4.7.0 and earlier, which stems from the existence of...
A Dual-Layer Image Encryption Framework Using Chaotic AES with Dynamic S-Boxes and Steganographic QR Codes
This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map,...
CVE-2022-50075
The CVE-2022-50075 entry concerns Linux kernel tracing/eprobes. A NULL pointer dereference can occur when a symbol "@" is used with an event probe, because eprobes previously did not handle data sources beyond main registers (e.g., immediate addresses, symbols, current task name). The issue is mi...