Accusoft ImageGear Memory Corruption Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S. A memory corruption vulnerability exists in the PNG pngpaletteprocess function in Accusoft ImageGear version 19.9. An attacker can exploit the vulnerability to cause a heap buffer overflow via specially...

Accusoft ImageGear buffer overflow vulnerability (CNVD-2021-40854)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. ImageGear 19.9 suffers from a buffer overflow vulnerability that stems from the fact that an attacker can exploit the vulnerability by being able to supply a malicious file to trigger the vulnerability. ...

Huawei EMUI/Magic UI Heap Overflow Vulnerability

Huawei Emui is a mobile operating system based on Android development.Huawei Magic UI is the operating system for Honor phones. A heap overflow vulnerability exists in Huawei EMUI/Magic UI, which can be exploited by an attacker to cause an anomaly in image processing...

Pillow Denial of Service Vulnerability (CNVD-2021-54031)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which can be exploited by attackers with malicious EPS files to cause a denial of service...

Pillow Denial of Service Vulnerability (CNVD-2021-54032)

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions prior to Pillow 8.2.0, which stems from the fact that for FLI data, FliDecode does not properly check whether the block advance is non-zero, and an attacker can exploit this vulnerability to...

Pillow Denial of Service Vulnerability (CNVD-2021-54029)

Pillow is a Python-based image processing library. A denial of service vulnerability exists in versions of Pillow prior to 8.2.0. The vulnerability stems from the fact that for BLP data, the BlpImagePlugin does not properly check the data returned by the read, and an attacker could exploit this...

Accusoft ImageGear Heap Buffer Overflow Vulnerability

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, U.S.A. A security vulnerability exists in Accusoft ImageGear, which could be exploited by an attacker to cause an integer overflow, and thus a heap buffer overflow, via a misformatted file that is constructed...

Pillow Denial of Service Vulnerability (CNVD-2021-54030)

Pillow is a Python-based image processing library. A denial of service vulnerability exists in versions of Pillow prior to 8.2.0, which stems from the fact that PSDImagePlugin.PsdImageFile does not properly check the number of input layers based on data block size, and can be exploited by attacke...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

Buffer overflow

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing...

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-6.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Pillow Out-of-Bounds Read Vulnerability (CNVD-2021-43528)

Python Imaging Library PIL is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats.Pillow is a PIL branch. An out-of-bounds read vulnerability exists in the j2kugrayala function in J2kDecode in versions of Pillow pri...

华为智能手机缓冲区错误漏洞

Huawei Emui is a mobile operating system based on Android development.Huawei Magic UI is the operating system for Honor phones. A heap overflow vulnerability exists in Huawei EMUI/Magic UI, which can be exploited by an attacker to cause an anomaly in image processing...

Fedora: Security Advisory for python-pillow (FEDORA-2021-aa5d2e2289)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-4971-1: libwebp vulnerabilities

It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary co...

[SECURITY] Fedora 34 Update: python-pillow-8.1.2-3.fc34

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Updated openjpeg2 packages fix a security vulnerability

There is a flaw in the opj2compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. The...

openSUSE Security Update : jhead (openSUSE-2021-743)

This update for jhead fixes the following issues : jhead was updated to 3.06.0.1 - lot of fuzztest fixes - Apply a whole bunch of patches from Debian. - Spell check and fuzz test stuff from Debian, nothing useful to human users. - Add option to set exif date from date from another file. - Bug fix...