442 matches found
PT-2023-6960 · Golang +2 · Golang +2
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: The issue is related to excessive CPU consumption during decoding. A maliciously-crafted image, specifically a tiled image with a height of 0 and a very large width, can cause this excessive...
CVE-2022-48512
Use After Free UAF vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally...
CVE-2022-48512
Use After Free UAF vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally...
Design/Logic Flaw
Use After Free UAF vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally...
CVE-2022-48512
CVE-2022-48512 is a Use-After-Free (UAF) vulnerability in the Vdecoderservice component used by Huawei HarmonyOS/EMUI and related platforms. The issue, if exploited, may cause the image decoding feature to behave abnormally. Public documentation among the connected records confirms Vdecoderservic...
CVE-2022-48512
Use After Free UAF vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally...
CVE-2022-48512
Use After Free UAF vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally...
PT-2023-15838 · Unknown · Vdecoderservice
Name of the Vulnerable Software and Affected Versions: Vdecoderservice affected versions not specified Description: The issue is related to a Use After Free UAF vulnerability in the Vdecoderservice service. This vulnerability may cause the image decoding feature to perform abnormally when...
Huawei HarmonyOS 资源管理错误漏洞
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI have a memory misreference...
SUSE CVE-2009-0163
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the 1 cupsImageReadTIFF function in the imagetops filter...
SUSE CVE-2010-0849
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Marc...
SUSE CVE-2016-8710
An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...
SUSE CVE-2019-13111
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long running loop via a crafted WEBP image file...
SUSE CVE-2020-14355
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...
SUSE CVE-2020-35653
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...
Ubuntu: Security Advisory (USN-92-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
stb 输入验证错误漏洞
stb is a single-file public domain library for C/C ++. A security vulnerability exists in nothings stb version 2.27, which originates from an integer overflow in function stbijpegdecodeblockprogdc in the stbimage.h file. An attacker can exploit this vulnerability to cause a denial of service atta...
PYSEC-2022-149
Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...
PYSEC-2022-149
Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., , the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode. However,...
PYSEC-2022-93
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...