2241 matches found
CVE-2020-0247
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0...
PT-2020-20826 · Apple · Itunes For Windows +7
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 13.6 Apple iPadOS versions prior to 13.6 Apple macOS Catalina versions prior to 10.15.6 Apple tvOS versions prior to 13.4.8 Apple watchOS versions prior to 6.2.8 Apple iTunes for Windows versions prior to 12.10.8...
About the security content of iTunes 12.10.8 for Windows
About the security content of iTunes 12.10.8 for Windows This document describes the security content of iTunes 12.10.8 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
OSV-2020-1536 Segv on unknown address in GetValueFromLinkedList
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20923 Crash type: Segv on unknown address Crash state: GetValueFromLinkedList Magick::throwException Magick::Image::read...
Important: python-pillow security update
The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fixes: python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in...
python-pillow security update
An update is available for python-pillow. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-pillow packages contain a Python image processing library th...
OSV-2020-1516 Use-of-uninitialized-value in ScaleQuantumToChar
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22583 Crash type: Use-of-uninitialized-value Crash state: ScaleQuantumToChar LosslessReduceDepthOK ReadOneMNGImage...
OSV-2020-1394 Index-out-of-bounds in LibRaw::ahd_interpolate_r_and_b_in_rgb_and_convert_to_cielab
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23605 Crash type: Index-out-of-bounds Crash state: LibRaw::ahdinterpolaterandbinrgbandconverttocielab LibRaw::ahdinterpolaterandbandconverttocielab LibRaw::ahdinterpolate...
TYPO3 8.x < 8.7.25 / 9.x < 9.5.6 Multiple Vulnerabilities
The version of TYPO3 installed on the remote host is 8.x prior to 8.7.25 or 9.x prior to 9.5.6. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists in Typo3's image processing functionality due to a failure to properly configure applications it...
CVE-2020-8215
A buffer overflow is present in canvas version = 1.6.9, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image...
Fedora: Security Advisory for python-pillow (FEDORA-2020-d0737711b6)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: python-pillow-6.2.2-3.fc31
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...
CVE-2020-15584
An issue was discovered on Samsung mobile devices with Q10.0 software. Attackers can trigger an out-of-bounds access and device reset via a 4K wallpaper image because ImageProcessHelper mishandles boundary checks. The Samsung ID is SVE-2020-18056 July 2020...
[SECURITY] Fedora 32 Update: python-pillow-7.0.0-4.fc32
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...
[SECURITY] [DSA 4712-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4712-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 30, 2020 https://www.debian.org/security/faq -...
Pillow Out-of-Bounds Read Vulnerability (CNVD-2021-21942)
Pillow is a Python based image processing library. An out-of-bounds read vulnerability exists in the libImaging/PcxDecode.c file in Pillow versions prior to 7.1.0. No details of the vulnerability are provided at this time...
Pillow Out-of-Bounds Read Vulnerability (CNVD-2021-21941)
Pillow is a Python based image processing library. An out-of-bounds read vulnerability exists in the libImaging/PcxDecode.c file in Pillow versions prior to 7.1.0. No details of the vulnerability are provided at this time...
Pillow Out-of-Bounds Read Vulnerability (CNVD-2021-21940)
Pillow is a Python based image processing library. An out-of-bounds read vulnerability exists in the libImaging/FliDecode.c file in Pillow versions prior to 7.1.0. No details of the vulnerability are provided at this time...
Pillow Buffer Overflow Vulnerability
Pillow is a Python based image processing library. A buffer overflow vulnerability exists in the libImaging/TiffDecode.c file in Pillow versions prior to 7.1.0. The vulnerability stems from a networked system or product that performs operations in memory without properly validating data boundarie...
About the security content of tvOS 12.4 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...