2179 matches found
CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image
stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbi__gif_load_next. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
PT-2023-28743 · Xnsoft · Xnsoft Nconvert
Name of the Vulnerable Software and Affected Versions: XNSoft Nconvert version 7.136 Description: The issue is related to a Buffer Overflow, which can be triggered by a crafted image file, leading to a User Mode Write AV. This could result in a Denial of Service (DoS) or potentially allow code...
PT-2023-35526 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which is a type of memory corruption bug. The crash state indicates that the error occurs during the...
Accusoft ImageGear Buffer Error Vulnerability
Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft Corporation. A buffer error vulnerability exists in Accusoft ImageGear version 20.1, which stems from a specially crafted, incorrectly formatted file that may result in memory corruption...
libwebp: Heap buffer overflow in WebP Codec
A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this...
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that...
CVE-2023-40032
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
Input validation
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
UBUNTU-CVE-2023-40032
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
CVE-2023-40032
CVE-2023-40032 (libvips) affects libvips versions 8.14.3 and earlier. A crafted SVG input can cause a segmentation fault when parsing a malformed UTF-8 character, leading to a potential denial of service through crash. The issue requires local access with low privileges and no user interaction, a...
CVE-2023-40032 Potential segfault due to NULL pointer dereference in libvips
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 or later when processing untruste...
CVE-2023-41064
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2023-27950
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory...
Input validation
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory...