CVE-2024-12740

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

CVE-2024-12740 Dependency on Vulnerable Third-Party Component exposes Vulnerabilities in NI Vision Software

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

CVE-2024-12740

CVE-2024-12740 affects NI Vision software (Vision Development Module, Vision Assistant, Vision Builder AI) via a third‑party image-processing library. The concrete issue is in parsing JPG files (Vision Assistant/VBAI) leading to out-of-bounds/write conditions that allow remote code execution. Exp...

CVE-2024-12740 Dependency on Vulnerable Third-Party Component exposes Vulnerabilities in NI Vision Software

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted file...

PT-2025-5271 · Apple · Macos Sonoma +8

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.4 macOS Ventura versions prior to 13.7.3 macOS Sonoma versions prior to 14.7.3 visionOS versions prior to 2.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 macOS Sequoia versions prior to 15.3 watchOS...

PT-2025-1943 · National Instruments · Ni Vision Builder Ai +1

Name of the Vulnerable Software and Affected Versions: NI Vision Builder AI affected versions not specified NI Vision Development Module affected versions not specified Description: The issue is related to the use of a third-party library for image processing in NI's vision software, which expose...

Apple iOS和iPadOS 安全漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 18.3 and iPadOS version 18.3, which stems from processin...

ROS-20250418-01

A vulnerability in the gui/util/qktxhandler.cpp component of the KTX image processing module of the cross-platform Qt software development framework is related to a buffer overrun. Qt software development framework is related to an operation exceeding buffer boundaries in memory. memory...

Adobe Photoshop Digital Error Vulnerability

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A security vulnerability exists in Adobe Photoshop, which can be exploited by an attacker to potentially cause arbitrary code to be executed in the...

emlog 代码注入漏洞

emlog is a PHP and MySQL based CMS builder. A cross-site scripting vulnerability exists in the emlog /admin/article.php processing IMAGE, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to obtain sensitive information or hijack user sessions whe...

AnyDesk 后置链接漏洞

AnyDesk is a remote desktop connection software from AnyDesk, a German company. AnyDesk suffers from a backlink vulnerability that originates from a flaw in the background image processing, which can be exploited by a local attacker to read arbitrary files and disclose sensitive information...

EulerOS 2.0 SP12 : syslinux (EulerOS-SA-2024-2958)

According to the versions of the syslinux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56,...

CVE-2024-54500

The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may result in disclosure of process memory...

CVE-2024-53863 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders

Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for...

RLSA-2024:9548 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

RLSA-2024:8800 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

USN-6882-2: Cinder regression

USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Martin Kaesberger discovered that Cinder incorrectly handled QCOW2...

RHEL 9 : openexr (RHSA-2024:8801)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8801 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...