19 matches found

EUVD
added 2026/05/11 9:31 p.m. · 12 views

EUVD-2026-29283

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory...

AI score 5.8 · EPSS 0.0034
Exploits: 0 · References: 8

Packet Storm News
added 2026/03/05 12:0 a.m. · 4 views

Adobe SDK 1.7.1 2410 Overflow Analysis / Fuzzing Model

This Python script implements a comprehensive framework to model, detect, and analyze integer overflows in 32-bit arithmetic, particularly in the context of image memory allocation. The framework combines formal methods, stepwise arithmetic, symbolic execution, SMT-style constraint solving,...

AI score 5.9
Exploits: 0

OSV
added 2026/01/26 12:37 p.m. · 5 views

OPENSUSE-SU-2026:20113-1 Security update for php8

This update for php8 fixes the following issues: Version update to 8.4.16: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode (bsc#1255710). - CVE-2025-14178: heap buffer overflow occurs in...

CVSS 8.2 · AI score 6 · EPSS 0.00573
Exploits: 4 · References: 7

Tenable Nessus
added 2026/01/10 12:0 a.m. · 3 views

SUSE SLES15: apache2-mod_php8 / php8 / php8-bcmath / php8-bz2 / php8-calendar / etc (SUSE-SU-2026:0086-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0086-1 advisory. Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading imag...

CVSS 8.2 · AI score 7.1 · EPSS 0.00573
Exploits: 4 · References: 10

OSV
added 2026/01/09 3:1 p.m. · 2 views

SUSE-SU-2026:0086-1 Security update for php8

This update for php8 fixes the following issues: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode (bsc#1255710). - CVE-2025-14178: heap buffer overflow occurs in array_merge when the total element...

CVSS 8.2 · AI score 7.4 · EPSS 0.00573
Exploits: 4 · References: 7

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2015-8625

Malware in sbrugna...

CVSS 8.8 · AI score 6.8 · EPSS 0.02448
Exploits: 1 · References: 9

OSSF Malicious Packages
added 2025/08/23 2:25 p.m. · 4 views

Malicious code in image-memory (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40ad268d8e5d26e3c122a979160b815c349dc3cd4d22004530c3a5ca5c4299a9 The OpenSSF Package Analysis project identified 'image-memory' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...

AI score 7.1
Exploits: 0

OSV
added 2025/08/23 2:25 p.m. · 2 views

MAL-2025-41298 Malicious code in image-memory (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40ad268d8e5d26e3c122a979160b815c349dc3cd4d22004530c3a5ca5c4299a9 The OpenSSF Package Analysis project identified 'image-memory' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...

AI score 7.3
Exploits: 0

OSV
added 2024/12/12 2:15 a.m. · 5 views

CVE-2024-54500

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory...

CVSS 5.5 · AI score 5.8 · EPSS 0.00308
Exploits: 0 · References: 13

Fedora
added 2023/11/03 6:54 p.m. · 38 views

[SECURITY] Fedora 39 Update: libclc-17.0.2-1.fc39

libclc is an open source, BSD licensed implementation of the library requirements of the OpenCL C programming language, as specified by the OpenCL 1.1 Specification. The following sections of the specification impose library requirements: 6.1: Supported Data Types 6.2.3: Explicit Conversions...

CVSS 5.5 · AI score 7.3 · EPSS 0.00215
Exploits: 0

OSV
added 2023/05/08 8:15 p.m. · 2 views

CVE-2023-23534

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory...

CVSS 5.5 · AI score 6.7
Exploits: 0 · References: 2

Vulnrichment
added 2023/02/28 5:19 p.m. · 7 views

CVE-2022-41727 Denial of service via crafted TIFF image in golang.org/x/image/tiff

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service...

AI score 7 · EPSS 0.00309
Exploits: 0 · References: 7

CNVD
added 2022/03/11 12:0 a.m. · 33 views

Nextcloud server denial of service vulnerability (CNVD-2022-20690)

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. Nextcloud server has a denial of service vulnerability that stems from a networked system or product that does not properly validate data boundaries when performing...

CVSS 6.5 · AI score 2.5 · EPSS 0.01581
Exploits: 1 · References: 1

OSV
added 2021/06/09 2:15 p.m. · 5 views

CVE-2021-27622

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory whic...

CVSS 5.9 · AI score 7.3 · EPSS 0.01208
Exploits: 0 · References: 2

Positive Technologies
added 2021/06/09 12:0 a.m. · 5 views

PT-2021-17557 · Sap · Sap Internet Graphics Server

Name of the Vulnerable Software and Affected Versions: SAP Internet Graphics Service versions 7.20, 7.20EXT, 7.53, 7.20 EX2, 7.81 Description: The issue allows an unauthenticated attacker to submit a malicious request over a network after retrieving an existing system state value. This is due to...

CVSS 5.9 · AI score 5.8 · EPSS 0.01208
Exploits: 0 · References: 5

CNNVD
added 2021/06/08 12:0 a.m. · 6 views

SAP Internet Graphics Service buffer error vulnerability

SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service that originates from an input validation error in CDrawRaster::LoadImageFromMemory. An unauthenticated...

CVSS 5.9 · AI score 5.7 · EPSS 0.01208
Exploits: 0 · References: 7

OSV
added 2020/08/18 8:43 p.m. · 7 views

MGASA-2020-0337 Updated jasper packages fix security vulnerabilities

The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image (CVE-2017-6851). Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified...

CVSS 7.8 · AI score 6.7 · EPSS 0.04676
Exploits: 11 · References: 4

OSV
added 2018/05/11 12:0 a.m. · 2 views

UBUNTU-CVE-2018-5160

WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox 60...

CVSS 7.5 · AI score 7.3 · EPSS 0.02689
Exploits: 0 · References: 4

OSV
added 2018/01/30 12:0 a.m. · 2 views

UBUNTU-CVE-2018-6405

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service...

CVSS 6.5 · AI score 6.7 · EPSS 0.01678
Exploits: 1 · References: 3