134 matches found
PT-2024-21831 · Kofax · Kofax Power Pdf
Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this issue, where the targ...
UBUNTU-CVE-2023-43281
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbiloadgifmain function...
The vulnerability of the DumpScreen2RGB() function (gif2rgb.c) in the GIFLIB library allows a hacker to gain unauthorized access to protected information.
The vulnerability of the DumpScreen2RGB function gif2rgb.c in the GIFLIB library is related to the escape of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an unauthorized person to gain unauthorized access to protected information...
CVE-2023-26590
A floating point exception vulnerability was found in sox, in the lsxaiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service...
GHSA-8J28-34QQ-GMCH Apache Sling Commons JSON bundle vulnerable to Improper Input Validation
Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The org.apache.sling.commons.json bundle has been...
gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files
A heap-based buffer overflow vulnerability was found in GNOME GdkPixbuf aka GDK-PixBuf when compositing or clearing frames in GIF files. The vulnerability exists due to a boundary error when processing GIF images. This flaw allows an attacker to create a specially crafted GIF image, trick the...
CVE-2023-22670
A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it ...
Corel CorelDRAW Graphics Suite 缓冲区错误漏洞
Corel CorelDRAW Graphics Suite is a vector graphics editing software from Corel Digital Technology Canada. Corel CorelDRAW Graphics Suite version 23.5.0.506 contains a buffer overflow vulnerability, which stems from a lack of proper validation of user-supplied data when parsing GIF files and can ...
SUSE CVE-2005-2974
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference...
SUSE CVE-2007-6697
Buffer overflow in the LWZReadByte function in IMGgif.c in SDLimage before 1.2.7 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third...
SUSE CVE-2009-1097
Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...
SUSE CVE-2013-4298
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service memory corruption and application crash via a crafted comment in a GIF image...
SUSE CVE-2014-9709
The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...
SUSE CVE-2018-17436
ReadCode in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service invalid write access via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file...
SUSE CVE-2020-10809
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service...
Out-of-bounds
Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error...
CVE-2022-46149 Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.
Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error...
CVE-2022-46149
CVE-2022-46149 affects Cap'n Proto and its Rust crate. The vulnerability is an out-of-bounds read caused by logic errors when handling a list-of-pointer type, which can lead to a remote segfault and, with additional actions, memory exfiltration. The issue is present in inlined code and requires r...
CVE-2022-45198
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification...
PYSEC-2022-42979
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification...