26 matches found

OSV
added 2026/02/17 12:00 a.m. | 4 views

ALSA-2026:2799 Moderate: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: heap-based buffer overflow in array_merge (CVE-2025-14178); php: PHP: Information disclosure via getimagesize function when reading multi-chunk images (CVE-2025-14177). For more details about the...

CVSS 8.2 | AI score 5.8 | EPSS 0.00025
Exploits 3 | References 6
RedhatCVE
added 2025/05/22 4:54 p.m. | 5 views

CVE-2020-9468

The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the image_id parameter...

CVSS 4.3 | AI score 6.6 | EPSS 0.00224
Exploits 0 | References 1
Fedora
added 2020/06/25 1:09 a.m. | 30 views

[SECURITY] Fedora 31 Update: libexif-0.6.22-1.fc31

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags...

CVSS 8.8 | AI score 3.5 | EPSS 0.03749
Exploits 0
RedHat Linux
added 2020/04/28 4:11 p.m. | 49 views

Moderate: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7 | AI score 6.4 | EPSS 0.00447
Exploits 0 | References 47
NVD
added 2020/03/26 8:15 p.m. | 14 views

CVE-2020-9468

The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the image_id parameter...

CVSS 4.3 | AI score 4.5 | EPSS 0.00224
Exploits 0 | References 2
OSV
added 2020/03/26 8:15 p.m. | 1 views

CVE-2020-9468

The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the image_id parameter...

CVSS 4.3 | AI score 5.8 | EPSS 0.00224
Exploits 0 | References 2
Cvelist
added 2020/03/26 7:12 p.m. | 10 views

CVE-2020-9468

The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the image_id parameter...

AI score 4.5 | EPSS 0.00224
Exploits 0 | References 2
Fedora
added 2018/01/09 4:51 p.m. | 34 views

[SECURITY] Fedora 26 Update: libexif-0.6.21-14.fc26

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags...

CVSS 8.1 | AI score 3.5 | EPSS 0.0057
Exploits 0
RedHat Linux
added 2017/05/09 5:13 p.m. | 2 views

jasper: missing jas_matrix_create() parameter checks

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

CVSS 5.5 | AI score 7.3 | EPSS 0.00407
Exploits 0 | References 4
OSV
added 2017/03/28 2:59 p.m. | 0 views

UBUNTU-CVE-2016-8884

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

CVSS 5.5 | AI score 6.8 | EPSS 0.00421
Exploits 1 | References 3
OSV
added 2017/02/15 12:00 a.m. | 0 views

UBUNTU-CVE-2016-8691

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command...

CVSS 5.5 | AI score 6.8 | EPSS 0.0047
Exploits 1 | References 4
CNVD
added 2016/11/15 12:00 a.m. | 2 views

perl-Image-Info XML External Entity Injection Vulnerability

perl-Image-Info extracts meta information from various types of image files. perl-Image-Info suffers from an XML external entity injection vulnerability that can be exploited by attackers to obtain sensitive information or cause a denial of service condition...

CVSS 7.1 | AI score 7.2 | EPSS 0.00331
Exploits 0 | References 1
NVD
added 2015/09/18 10:59 a.m. | 13 views

CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element...

CVSS 4.3 | AI score 4.9 | EPSS 0.00617
Exploits 0 | References 8
Cvelist
added 2015/09/18 10:00 a.m. | 20 views

CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element...

AI score 7.6 | EPSS 0.00617
Exploits 0 | References 8
CVE
added 2015/09/18 10:00 a.m. | 68 views

CVE-2015-5788

The CVE-2015-5788 entry describes a flaw in WebKit Canvas handling on iOS prior to version 9 that allows remote attackers to bypass the same-origin policy and read sensitive image data via CANVAS-related vectors. The vulnerability affects the WebKit Canvas implementation and arises from insuffici...

CVSS 4.3 | AI score 7.3 | EPSS 0.00617
Exploits 0 | References 8 | Affected Software 1
UbuntuCve
added 2015/09/18 12:00 a.m. | 18 views

CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element...

CVSS 4.3 | AI score 6.8 | EPSS 0.00617
Exploits 0 | References 4
Tenable Nessus
added 2014/12/12 12:00 a.m. | 10 views

Docker Server Image Information Detection (deprecated)

Binary data 8599.prm...

AI score 7.3
Exploits 0
myhack58
added 2014/09/09 12:00 a.m. | 30 views

The presence of the same design flaw in each of the big CMS vendors' CMS - vulnerability warning - the black bar safety net

Brief description: In order to write this exploit I have downloaded a lot of CMS and done a lot of experiments. Most of those talked about are vendors already on the register of the dark clouds, including: Ecshop, PHPwind, 74CMS, etc... Here is submitted to on the one hand in order ...

AI score 6.7
Exploits 0
Oracle linux
added 2012/03/01 12:00 a.m. | 76 views

ImageMagick security and bug fix update

6.2.8.0-12.el5 - Add fix for CVE-2010-4167 (767142); 6.2.8.0-11.el5 - Fix assertion failed when using 'identify -verbose' when there's no image information available (502626); 6.2.8.0-10.el5 - Fix memory allocation failure when using color option (616538), Fix hang when converting broken GIF (693989), Fix...

CVSS 9.3 | AI score 2.8 | EPSS 0.10772
Exploits 3
NVD
added 2011/03/18 4:55 p.m. | 11 views

CVE-2010-4766

The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a...

CVSS 4.3 | AI score 6.1 | EPSS 0.00233
Exploits 1 | References 2