PT-2023-35902 · Git +1 · Serenity

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue is identified, potentially causing a crash. The crash occurs in the Gfx::InputStreamer::read u24 function, which is...

USN-6137-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

SUSE CVE-2004-0782

Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...

SUSE CVE-2004-0788

Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...

SUSE CVE-2009-0166

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

SUSE CVE-2009-1182

Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file...

SUSE CVE-2009-2984

Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

SUSE CVE-2018-5248

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixeldecode function...

The vulnerability of the jbig2_image_compose function in the jbig2_image.c component of the JBIG2 image compression decoder Jbig2dec allows a attacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the jbig2imagecompose function in the jbig2image.c component of the JBIG2 image compression decoder Jbig2dec is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servic...

PNGDec 缓冲区错误漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec that stems from a heap buffer overflow in SaveBMP in the /linux/main.cpp file...

PNGDec 安全漏洞

PNGDec is an Arduino PNG image decoder library from the individual developer Larry Bank. A security vulnerability exists in PNGDec, which stems from a memory allocation issue in asanmalloclinux.cpp...

CVE-2021-22564

For certain valid JPEG XL images with a size slightly larger than an integer number of groups 256x256 pixels when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another. This copy can occur when processing the...

ok-file-formats 缓冲区错误漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and several other file formats. A security vulnerability exists in ok-file-formats which allows attackers to cause a denial of service DOS via a crafted jpeg file...

MGASA-2021-0249 Updated jasper packages fix security vulnerabilities

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...

OSV-2021-315 Global-buffer-overflow in Gfx::decode_frame

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30507 Crash type: Global-buffer-overflow READ 4 Crash state: Gfx::decodeframe Gfx::GIFImageDecoderPlugin::frame Gfx::GIFImageDecoderPlugin::bitmap...

Western Digital My Cloud Multiple Products < 2.21.111 Multiple Vulnerabilities

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2020-12268

jbig2imagecompose in jbig2image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow...

Multiple Adobe Products JBIG2 Decoder Memory Misreference Vulnerability

Acrobat DC Continuous Track and so on are the United States of America Ordoby Adobe company's products. Acrobat DC Continuous Track is a desktop version of the continuous update of the PDF solution. Reader DC Continuous Track is a continuous update of the version of the PDF reading tool. JBIG2...

CVE-2017-14272

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d."...

MGASA-2017-0227 Updated gdk-pixbuf2.0 packages fix security vulnerability

The gdk-pixbuf2.0 package has been updated to version 2.36.7, which fixes integer overflows in the ico, bmp, and tiff decoder, as well as fixing other bugs...