Lucene search
+L

74 matches found

Cvelist
Cvelist
added 2018/06/11 9:0 p.m.24 views

CVE-2017-7819

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

8.4AI score0.0342EPSS
Exploits1References12
seebug.org
seebug.org
added 2018/02/02 12:0 a.m.314 views

PHP CVE-2018-5711 - Hanging Websites by a Harmful GIF

Recently, I reviewed several Web frameworks and language implementations, and found some vulnerabilities. This is an simple and interesting case, and seems easy to exploit in real world! Affected All PHP version PHP 5 firstcode = sd-oldcode = 461 GetCodefd, &sd-scd, sd-codesize, FALSE,...

6.6AI score0.13204EPSS
Exploits1
exploitpack
exploitpack
added 2018/01/17 12:0 a.m.36 views

Reservo Image Hosting Script 1.5 - Cross-Site Scripting

Reservo Image Hosting Script 1.5 - Cross-Site Scripting Exploit Title: Reservo Image Hosting Script 1.5 - Cross Site Scripting Date: 15-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: reservo.co Version: 1.6 CVE-ID: CVE-2018-5705 With suppor...

4.3CVSS6.1AI score0.01461EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2017/10/11 11:40 p.m.4 views

Mozilla: Use-after-free while resizing images in design mode (MFSA 2017-22)

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.3AI score0.0342EPSS
Exploits1References5
OSV
OSV
added 2017/10/02 12:0 a.m.1 views

UBUNTU-CVE-2017-7819

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.1AI score0.0342EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/09/28 11:47 p.m.6 views

Mozilla: Use-after-free while resizing images in design mode (MFSA 2017-22)

A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.3AI score0.0342EPSS
Exploits1References5
Talos
Talos
added 2017/07/07 12:0 a.m.88 views

Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF...

8.8CVSS8.4AI score0.02716EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Firefox ESR browser allows a malicious attacker to trigger a service failure or execute arbitrary code.

Mozilla Firefox ESR’s software contains a vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by manipulating the imgLoader object during image resizing operations...

10CVSS7.6AI score0.05589EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the SeaMonkey software package allows a malicious attacker to trigger a service failure or execute arbitrary code.

The SeaMonkey software contains a vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function. Exploiting this vulnerability allows a malicious attacker to execute arbitrary code or cause a service failure by manipulating the imgLoader object during the image resizing operation...

10CVSS7.6AI score0.05589EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Firefox browser allows a malicious attacker to trigger a service failure or execute arbitrary code.

Mozilla Firefox’s software contains a vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function. Exploiting this vulnerability allows a malicious attacker to execute arbitrary code or cause a service failure by manipulating the imgLoader object during image resizing operations...

10CVSS7.6AI score0.05589EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Thunderbird email client allows a remote attacker to trigger a service failure or execute arbitrary code.

Mozilla Thunderbird’s software contains a vulnerability in the function nsGenericHTMLElement::GetWidthHeightForImage. Exploiting this vulnerability allows a malicious attacker to execute arbitrary code or cause a service failure by manipulating the imgLoader object during image resizing operation...

10CVSS7.5AI score0.05589EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2014/04/29 10:15 p.m.4 views

Mozilla: Use-after-free in imgLoader while resizing images (MFSA 2014-44)

Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service heap memory...

9.3CVSS7.3AI score0.05589EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2014/03/04 12:0 a.m.10 views

Fedora Update for drupal6-image_resize_filter FEDORA-2014-2611

Check for the Version of drupal6-imageresizefilter OpenVAS Vulnerability Test Fedora Update for drupal6-imageresizefilter FEDORA-2014-2611 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2014/03/04 12:0 a.m.10 views

Fedora Update for drupal6-image_resize_filter FEDORA-2014-2612

Check for the Version of drupal6-imageresizefilter OpenVAS Vulnerability Test Fedora Update for drupal6-imageresizefilter FEDORA-2014-2612 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.4AI score
Exploits0References2
Fedora
Fedora
added 2014/03/01 2:12 p.m.17 views

[SECURITY] Fedora 19 Update: drupal6-image_resize_filter-1.14-1.fc19

This filter makes it easy to resize images, especially when combined with a WYSIWYG editor such as tinyMCE or CKeditor. Users never have to worry about scaling image sizes again, just insert an image and set it's height and wid th properties in HTML this is done automatically by WYSIWYG editors a...

1.2AI score
Exploits0
Fedora
Fedora
added 2014/03/01 2:8 p.m.7 views

[SECURITY] Fedora 20 Update: drupal6-image_resize_filter-1.14-1.fc20

This filter makes it easy to resize images, especially when combined with a WYSIWYG editor such as tinyMCE or CKeditor. Users never have to worry about scaling image sizes again, just insert an image and set it's height and wid th properties in HTML this is done automatically by WYSIWYG editors a...

1.2AI score
Exploits0
OSV
OSV
added 2013/11/05 8:55 p.m.11 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.5AI score
Exploits0References4
Debian CVE
Debian CVE
added 2013/11/05 8:0 p.m.79 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.4CVSS6.4AI score0.01808EPSS
Exploits0
CVE
CVE
added 2013/11/05 8:0 p.m.83 views

CVE-2013-4497

Summary: CVE-2013-4497 affects the XenAPI backend of OpenStack Compute (Nova) in Folsom/Grizzly/Havana before 2013.2. The issue is that security groups were not properly reapplied after certain operations (resize or live migration), potentially exposing affected VM instances to unintended network...

6.4CVSS6.6AI score0.01808EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/11/05 8:0 p.m.47 views

CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

6.5AI score0.01808EPSS
Exploits0References4
Rows per page
Query Builder