2241 matches found
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
CVE-2020-9984
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...
CVE-2020-9877
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...
CVE-2020-9874
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
CVE-2020-9871
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
PT-2020-20879 · Apple · Itunes For Windows +7
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 iTunes for Windows versions prior to 12.10.8 iCloud for Windows versions prior to...
PT-2020-20880 · Apple · Itunes For Windows +7
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 iTunes for Windows versions prior to 12.10.8 iCloud for Windows versions prior to...
CVE-2020-9936
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
CVE-2020-9936
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
PT-2020-4369 · Microsoft · Windows Codecs Library
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Codecs Library affected versions not specified Description: A remote code execution issue exists in the way Microsoft Windows Codecs Library handles objects in memory. This could allow an attacker to execute arbitrary code i...
OSV-2020-1867 Use-of-uninitialized-value in PerceptibleReciprocal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26023 Crash type: Use-of-uninitialized-value Crash state: PerceptibleReciprocal CompositeImage loadlevel...
Heap Override Write Vulnerability in Light and Shadow Magic
Light Magic Hand is a graphic image processing software. A heap out-of-bounds write vulnerability exists in LightShadowMagician, which can be exploited by an attacker to cause a denial of service on the server...
PT-2020-20898 · Apple · Apple Macos +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 10.15.7 Security Update versions prior to 2020-005 for High Sierra and Mojave Description: An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted image may lead to...
Heap Overflow Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58817)
LightShadow Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap overflow vulnerability that allows an attacker to construct a special picture to cause the software to crash, which can also...
Heap Overwrite Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58819)
Light Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap of out-of-bounds writing vulnerabilities, an attacker can construct a special picture to cause the software to crash, and can also...
Heap Overwrite Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58812)
LightShadow Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap of out-of-bounds writing vulnerabilities, an attacker can construct a special picture to cause the software to crash, and ca...
Heap Overwrite Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58808)
LightShadow Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap of out-of-bounds writing vulnerabilities, an attacker can construct a special picture to cause the software to crash, and ca...
About the security content of macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
MGASA-2020-0337 Updated jasper packages fix security vulnerabilities
The jasmatrixbindsub function in jasseq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service invalid read via a crafted image CVE-2017-6851. Heap-based buffer overflow in the jpcdecdecodepkt function in jpct2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified...
UBUNTU-CVE-2020-17507
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read...