28 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of prohibition for private IOCTL commands in the atomic ISP driver, potentially leading ...
[SECURITY] Fedora 44 Update: rawtherapee-5.12-8.fc44
Rawtherapee is a RAW image processing software. It gives full control over many parameters to enhance the raw picture before finally exporting it to some common image format...
CVE-2022-26427
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540...
CVE-2022-26426
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486...
PT-2022-15133 · Mediatek +1 · Mt6833 +1
Name of the Vulnerable Software and Affected Versions: No specific software name or version is mentioned in the provided descriptions. Description: In the camera ISP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with Syste...
MediaTek 芯片 缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A buffer error vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking in the camera isp, resulting in an out-of-bounds read. An attacker could exploit this vulnerability to obtain...
MediaTek camera isp 缓冲区错误漏洞
MediaTek camera isp is an image signal processor from MediaTek, a Chinese company. MediaTek camera isp suffers from a buffer error vulnerability that stems from a lack of boundary checking, which could result in out-of-bounds writes. This could result in a local privilege escalation that requires...
MediaTek cameraisp 缓冲区错误漏洞
MediaTek cameraisp is an image processor from China's MediaTek Mediatek. It is used to improve the quality of pictures. A buffer overflow vulnerability exists in MediaTek cameraisp that can be exploited by an attacker to elevate privileges...
PT-2018-14766 · Mpdf · Mpdf
Name of the Vulnerable Software and Affected Versions: mPDF versions prior to 7.1.7 Description: The issue allows for Server-Side Request Forgery SSRF if mPDF is deployed as a web application that accepts arbitrary HTML. This can be demonstrated by an substring that triggers a call to getImage in...
Unspecified Cross-Site Scripting Vulnerability in Zenphoto
Zenphoto is a free photo gallery content management system developed by the Zenphoto team. The system manages images and supports multimedia such as audio and video. A cross-site scripting vulnerability exists in the image processor of Zenphoto versions prior to 1.4.7. A remote attacker can explo...
Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: website contact form with file upload 1.5 Exploit Local File Inclusion Google Dork: inurl:"/plugins//website-contact-form-with-file-upload/" Date: 07.05.2015 Exploit Author: T3N38R15 Software Link:...
Cross site scripting
Cross-site scripting XSS vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2948
Cross-site scripting XSS vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-2948
Zenphoto prior to version 1.4.8 contains a cross-site scripting (XSS) vulnerability in the image processor (CVE-2015-2948). This allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially executing in a user’s browser. The vulnerability affects Zenphoto 1....
WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion
WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion Exploit Title: website contact form with file upload 1.5 Exploit Local File Inclusion Google Dork: inurl:"/plugins//website-contact-form-with-file-upload/" Date: 07.05.2015 Exploit Author: T3N38R15 Software...
WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion
Exploit Title: website contact form with file upload 1.5 Exploit Local File Inclusion Google Dork: inurl:"/plugins//website-contact-form-with-file-upload/" Date: 07.05.2015 Exploit Author: T3N38R15 Software Link: https://wordpress.org/plugins/website-contact-form-with-file-upload/ Version: 1.5...
GLSA-200510-26 : XLI, Xloadimage: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200510-26 XLI, Xloadimage: Buffer overflow When XLI or Xloadimage process an image, they create a new image object to contain the new image, copying the title from the old image to the newly created image. Ariel Berkman reported...
CVE-2004-0753
The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...
CVE-2004-0753
The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...
DEBIAN-CVE-2004-0753
The BMP image processor for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service infinite loop via a crafted BMP file...