2179 matches found
libvips Information Disclosure Vulnerability
libvips is a demand-driven multi-threaded image processing library. libvips versions prior to 8.8.2 are vulnerable to an information disclosure. The vulnerability stems from imvips2dz in /libvips/libvips/deprecated/imvips2dz.c in libvips having uninitialized variables. An attacker could use this...
macOS 11.0.x < 11.0.1
The remote host is running a version of macOS / Mac OS X that is 11.0.x prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities, including the following: - An out-of-bounds write issue that can lead to unexpected application termination or arbitrary code execution when opening a...
PT-2020-16856 Ā· Apple Ā· Macos CatalinaĀ +7
Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.1 macOS Catalina versions prior to Security Update 2020-001 macOS Mojave versions prior to Security Update 2020-007 macOS Big Sur version 11.0.1 iOS versions prior to 14.2 iPadOS versions prior to 14.2 watch...
CVE-2020-0452
In exifentrygetvalue of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for...
About the security content of watchOS 7.1
About the security content of watchOS 7.1 This document describes the security content of watchOS 7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
Multiple Apple Products Input Validation Error Vulnerability (CNVD-2020-61627)
Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. tvOS is a smart TV operating system. tvOS is a smart TV operating system. tvOS is a smart TV operating system. tvOS is a smart TV operating...
Google Android Pixel Neural Core Component Buffer Overflow Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Pixel Neural Core is one of the image processing components. A security vulnerability exists in the Pixel Neural Core component of Google Android. An attacker can exploit the...
Debian DLA-2421-1 : cimg security update
Several issues have been found in cimg, a powerful image processing library. CVE-2019-1010174 is related to a missing string sanitization on URLs, which might result in a command injection when loading a special crafted image. The other CVEs are about heap-based buffer over-reads or double frees...
Debian: Security Advisory (DLA-2421-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2421-1] cimg security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2421-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 30, 2020 https://wiki.debian.org/LTS -...
CVE-2020-3880
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted image may lead to...
CVE-2020-9961
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-9961
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-3880
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted image may lead to...
CVE-2020-9961
CVE-2020-9961 is reported in Apple's ImageIO component. Affected platforms include macOS Catalina 10.15 (and Security Update 2020-005 for High Sierra and Mojave). The issue is described as an out-of-bounds read in ImageIO that could be triggered by processing a maliciously crafted image, leading ...
CVE-2020-9984
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...
CVE-2020-9984
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...
CVE-2020-9937
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...
CVE-2020-9883
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead t...