CVE-2022-32830

CVE-2022-32830 is an out-of-bounds read vulnerability in ImageIO affecting tvOS/iOS/iPadOS up to version 15.6; exploitation through processing a malicious image could disclose user information. Other Apple components listed in tvOS 15.6/ iOS 15.6/ iPadOS 15.6 have separate CVEs. Remediation: upda...

K25359902: BIG-IP AAM security vulnerability CVE-2019-6601

Security Advisory Description The BIG-IP AAM wamd process used in the processing of images and PDFs fails to drop group permissions when executing helper scripts. CVE-2019-6601 Impact This issue does not have a direct exploit, but may be used in unknown ways when targeting the BIG-IP AAM module...

Adobe Photoshop out-of-bounds read vulnerability (CNVD-2023-13727)

Adobe Photoshop is a set of image processing software from Adobe. Adobe Photoshop has an out-of-bounds read vulnerability that can be exploited by attackers to cause sensitive memory leaks...

Adobe Photoshop Out-of-Bounds Write Vulnerability (CNVD-2023-17022)

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from an out-of-bounds write vulnerability that stems from a lack of proper validation of user-supplied data, where specially...

SUSE CVE-2010-3565

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

SUSE CVE-2012-3444

The getimagedimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service process or thread consumption via a large TIFF image...

SUSE CVE-2014-9824

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825...

SUSE CVE-2015-0811

The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service out-of-bounds read via an image that is improperly handled during transformation...

SUSE CVE-2015-8898

The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted image file...

SUSE CVE-2016-6235

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...

SUSE CVE-2016-7516

The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted VIFF file...

SUSE CVE-2016-10065

The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service application crash or have other unspecified impact via a crafted file...

SUSE CVE-2017-5014

Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

SUSE CVE-2017-11339

There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

SUSE CVE-2017-13132

In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service assertion failure in WriteBlobStream in MagickCore/blob.c via a crafted file...

SUSE CVE-2017-15016

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c...

SUSE CVE-2017-15281

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised values."...

SUSE CVE-2018-20467

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

SUSE CVE-2019-13295

ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled...

SUSE CVE-2020-6624

jhead through 3.04 has a heap-based buffer over-read in processDQT in jpgqguess.c...