OSV-2026-141 Segv on unknown address in yuv2rgb4_X_c

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478212631 Crash type: Segv on unknown address Crash state: yuv2rgb4Xc packedvscale ffswscale...

EUVD-2019-2088

Malware in sbrugna...

EUVD-2014-1633

Malware in sbrugna...

PrestaShop SQL Injection Vulnerability (CNVD-2023-9749945)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. PrestaShop suffers from a SQL injection vulnerability that stems from the module havi...

Prestashop path traversal vulnerability (CNVD-2023-41497)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. Prestashop 1.7.20 and previous versions of the existence of path traversal...

编号撤回

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. This CVE number has been withdrawn...

SUSE CVE-2019-10024

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for y Bresenham parameters...

PrestaShop Cross-Site Scripting Vulnerability (CNVD-2022-62230)

PrestaShop is an open source e-commerce solution from PrestaShop Inc. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. PrestaShop module 5.0.2 prior versions of cross-site scripting vulnerability, the vulnerability stems from t...

Mozilla Firefox ESR < 24.7 Multiple Vulnerabilities

Binary data 701240.prm...

CVE-2017-3044

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3044

Adobe Acrobat Reader (Windows/macOS) affected versions: 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier, due to a memory corruption vulnerability in the JPEG 2000 engine tied to image scaling. Successful exploitation could allow arbitrary code execution with local access a...

CVE-2017-3044

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution...

The vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox ESR, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...

DEBIAN-CVE-2015-8877

The gdImageScaleTwoPass function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service memory consumption via a crafted call, as demonstrated ...

MGASA-2015-0388 Updated gdk-pixbuf2.0 packages fix security vulnerabilities

Updated gdk-pixbuf packages fix security vulnerabilities: Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf before 2.32.0. This issue is triggered by the scaling of a malformed tga format image and results in a potentially exploitable crash CVE-2015-7673. Security research...

Mozilla Thunderbird 24.x < 24.7 Multiple Vulnerabilities (Mac OS X)

The version of Thunderbird 24.x installed on the remote host is a version prior to 24.7. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs...

CVE-2014-1557

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering...

CVE-2014-1557

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering...

Information disclosure

The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering...