Fedora: Security Advisory for python2-pillow (FEDORA-2021-bf01a738f3)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Leptonica: Multiple vulnerabilities

Background Leptonica is a C library for image processing and analysis. Description Multiple vulnerabilities have been discovered in Leptonica. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

Adobe Photoshop Incorrect Input Validation Vulnerability

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. A security vulnerability exists in Adobe Photoshop. An attacker can exploit this vulnerability to read arbitrary files on the system...

Google Chrome image processing security bypass vulnerability

Google Chrome is a web browser from the US company Google. A security vulnerability exists in image processing in Windows in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to bypass security restrictions...

Apple iOS和Apple iPadOS 资源管理错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple iOS 14.7 and iPadOS 14.7 are vulnerable to a resource management error. A resource management error vulnerability exists in...

Google Chrome 安全漏洞

Google Chrome is a web browser from the US company Google. A security vulnerability exists in image processing in Windows in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to bypass security restrictions...

The vulnerability of the MagickCore/resample.c file, a set of programs for reading and editing ImageMagisk files, is related to the lack of checks for division by zero. This allows a malicious actor to trigger a service failure.

The vulnerability of the MagickCore/resample.c file, a set of programs for reading and editing ImageMagisk files, is related to the lack of checks for division by zero. Exploiting this vulnerability could allow an attacker to cause service failures...

JasPer numeric error vulnerability

JasPer is a C-based tool for image processing from Michael Adams' personal developer. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A divide by zero vulnerability exists. No detailed vulnerability details are...

Libvips numeric error vulnerability

libvips is an open source 2D image processing library. libvips version 8.10.5 is vulnerable due to a dezero vulnerability in function "vipseyepoint, eye.cL83" and function "vipsmaskpoint, mask.cL85". No detailed vulnerability details are available at this time...

JasPer 数字错误漏洞

JasPer is a C-based tool for image processing from Michael Adams' personal developer. The software supports the JPEG-2000 format as defined in ISO / IEC 15444-1 and is primarily used for image encoding and processing. A divide by zero vulnerability exists. No detailed vulnerability details are...

Pillow Buffer Overflow Vulnerability (CNVD-2021-54028)

Pillow is a Python-based image processing library. A buffer overflow vulnerability exists in Pillow, which stems from the failure of the product's convert.c to validate the security of parameters, and could be exploited to trigger a denial of service or remote code execution by triggering a buffe...

Imagegear suffers from a denial of service vulnerability (CNVD-2021-50961)

ImageGear is a graphic image processing software with scanning, compression, viewing, printing, adding annotations, image editing and other features that enable developers to quickly develop image processing programs. Imagegear suffers from a denial of service vulnerability that can be exploited ...

The vulnerability of the `formatIPTCfromBuffer` function in the `coders/meta.c` component of the ImageMagick console graphics editor allows an attacker to access confidential data and cause a service failure.

The vulnerability of the formatIPTCfromBuffer function in the coders/meta.c file of the ImageMagick console graphics editor involves an operation that outputs values within acceptable buffer limits. Exploiting this vulnerability allows an attacker to access confidential data and also trigger a...

Ricoh (China) Unauthorized Access Vulnerability in Various Products of Ricoh (China) Investment Co.

Ricoh China Investment Co., Ltd. provides services and solutions such as document output management services and IT solutions such as office image processing equipment e.g., MFPs, printers, etc., production digital printers, and more. An unauthorized access vulnerability exists in various Ricoh...

Accusoft ImageGear Memory Corruption Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S. A memory corruption vulnerability exists in the PNG pngpaletteprocess function in Accusoft ImageGear version 19.9. An attacker can exploit the vulnerability to cause a heap buffer overflow via specially...

Accusoft ImageGear buffer overflow vulnerability (CNVD-2021-40854)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. ImageGear 19.9 suffers from a buffer overflow vulnerability that stems from the fact that an attacker can exploit the vulnerability by being able to supply a malicious file to trigger the vulnerability. ...

Huawei EMUI/Magic UI Heap Overflow Vulnerability

Huawei Emui is a mobile operating system based on Android development.Huawei Magic UI is the operating system for Honor phones. A heap overflow vulnerability exists in Huawei EMUI/Magic UI, which can be exploited by an attacker to cause an anomaly in image processing...

Pillow Denial of Service Vulnerability (CNVD-2021-54032)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions prior to Pillow 8.2.0, which stems from the fact that for FLI data, FliDecode does not properly check whether the block advance is non-zero, and an attacker can exploit this vulnerability to...

Pillow Denial of Service Vulnerability (CNVD-2021-54031)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which can be exploited by attackers with malicious EPS files to cause a denial of service...

Accusoft ImageGear Heap Buffer Overflow Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S.A. A security vulnerability exists in Accusoft ImageGear, which could be exploited by an attacker to cause an integer overflow, and thus a heap buffer overflow, via a misformatted file that is constructed...