UBUNTU-CVE-2020-6822

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.7.0, Firefox ESR 68.7, and Firefox 75...

CVE-2018-5801

A NULL pointer dereference flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images...

PT-2020-6981 · Libraw +3 · Libraw +3

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to an out-of-bounds read vulnerability within the get huffman diff function in the librawsrcx3fx3f utils patched.cpp component of the LibRaw library for image processing...

CVE-2018-5800

A heap-based out-of-bounds access flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images...

Multiple Apple Products Image Processing Component Resource Management Error Vulnerability

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple iPadOS is an operating system for iPad tablets. image Processing is one of the image processing Image Processing is one of the image processing components. A resource management...

python security update

CentOS Errata and Security Advisory CESA-2020:0898 An update for python-imaging is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Debian DLA-2152-1 : graphicsmagick security update

A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that allows allows an attacker to read arbitrary files via a crafted image because of TranslateTextEx for SVG. For Debian 8 'Jessie', this problem has been fixed in version 1.3.20-3+deb8u9. We recommend that...

Debian: Security Advisory (DLA-2152-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2152-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u9 CVE ID : CVE-2019-12921 A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that allows allows an attacker to read arbitrary files via a crafted image because of TranslateTextEx for SVG. For Debian 8 "Jessie"...

Adobe Photoshop Buffer Overflow Vulnerability (CNVD-2020-17967)

Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. A buffer overflow vulnerability exists in Adobe Photoshop. An attacker could exploit this vulnerability to execute arbitrary code...

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-16507)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the JPEG raster image parser igcore19d.dll in Accusoft ImageGear version 19.5.0. A remote attacker could exploit this vulnerability to execute code...

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to...

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lea...

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lea...

Input validation

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to...

Oracle Linux 7 : python-pillow (ELSA-2020-0578)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0578 advisory. - Combined fixes for CVE-2020-5312 and CVE-2019-16865 Resolves: rhbz1789533 Resolves: rhbz1774066 Tenable has extracted the preceding description block...

RHEL 7 : python-pillow (RHSA-2020:0578)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0578 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

Important: Red Hat Security Advisory: python-pillow security update

An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...