Pillow Buffer Overflow Vulnerability (CNVD-2021-54036)

Pillow is a Python-based image processing library. Pillow is vulnerable to a buffer overflow vulnerability, which can be exploited by remote attackers to submit special file requests and trick users into parsing them, which can crash the application...

Pillow out-of-bounds read vulnerability (CNVD-2021-54037)

Pillow is a Python-based image processing library. Pillow is vulnerable to an out-of-bounds read vulnerability, which can be exploited to submit special file requests and trick users into parsing them, which can crash the application...

Pillow 输入验证错误漏洞

Python Imaging Library PIL is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats.Pillow is a PIL branch. A denial of service vulnerability exists in Pillow versions prior to 8.1.1. The vulnerability stems from not...

MediaTek jpeg Buffer Overflow Vulnerability

MediaTek jpeg is an application chip from MediaTek China. It provides optimized image processing. MediaTek jpeg suffers from a buffer overflow vulnerability that originates from incorrect input validation and can be exploited by an attacker to write out-of-bounds...

ONLYOFFICE Document Server Buffer Overflow Vulnerability

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A buffer overflow vulnerability exists in the BMP image processing of the ONLYOFFICE Document Server core module, which can be exploited by an attacke...

Heap overflow

A heap buffer overflow vulnerability inside of BMP image processing was found at core module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer...

CVE-2021-25832

A heap buffer overflow vulnerability inside of BMP image processing was found at core module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer...

CVE-2021-25832

CVE-2021-25832 affects ONLYOFFICE DocumentServer. A heap buffer overflow in the BMP image processing of the core module (document server) can allow remote code execution on vulnerable versions: v4.0.0-9-v6.0.0. The provided documents do not include remediation steps or patch/version details beyon...

USN-4755-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

ImageMagick Studio ImageMagick 数字错误漏洞

Imagemagick Studio ImageMagick is a suite of open source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. A de-zero vulnerability exists in coders/jp2.c in versions prior to ImageMagick 7.0.10-62. An...

OESA-2021-1007 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust im crate through 2020-11-09, which stems from a limitation that TreeFocus does not have a send feature or a synchronization feature, resulting in a data contention...

Fedora: Security Advisory for python-pillow (FEDORA-2021-880aa7bd27)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: python-pillow-7.0.0-5.fc32

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

[SECURITY] Fedora 33 Update: python-pillow-7.2.0-3.fc33

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Fedora: Security Advisory for python-pillow (FEDORA-2021-a8ddc1ce70)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Pillow Buffer Overflow Vulnerability (CNVD-2021-54038)

Pillow is a Python-based image processing library. buffer overflow vulnerability exists in versions of Pillow prior to 8.1.0, which can be exploited by attackers to cause a buffer over read...

Magical Image Converter and Processor (Windows Edition) Denial of Service Vulnerability

Magic Image Processing Software is a professional, easy-to-use and efficient image processing software toolset developed by Beijing Magic Pixel Technology Co. A denial of service vulnerability exists in Miracle Image Converter windows version, which can be exploited by attackers to cause a softwa...

ImageMagick Input Validation Error Vulnerability (CNVD-2021-11327)

ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. ImageMagick suffers from a security vulnerability, which stems from IntensityCompare of /magick/quantize.c, where a call to PixelPacketIntensity returns an...

About the security content of iCloud for Windows 11.3 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...