Lucene search
K

134 matches found

Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.5 views

PT-2024-21831 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this issue, where the targ...

5.5CVSS6.6AI score0.00385EPSS
Exploits0References4
OSV
OSV
added 2023/10/25 6:17 p.m.3 views

UBUNTU-CVE-2023-43281

Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbiloadgifmain function...

6.5CVSS5.8AI score0.01029EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/09/20 12:0 a.m.6 views

The vulnerability of the DumpScreen2RGB() function (gif2rgb.c) in the GIFLIB library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the DumpScreen2RGB function gif2rgb.c in the GIFLIB library is related to the escape of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an unauthorized person to gain unauthorized access to protected information...

7.8CVSS6.5AI score0.01222EPSS
Exploits1References8Affected Software4
ATTACKERKB
ATTACKERKB
added 2023/07/10 6:15 p.m.4 views

CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsxaiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service...

6.2CVSS6.2AI score0.00207EPSS
Exploits0References3
OSV
OSV
added 2023/05/15 12:30 p.m.1 views

GHSA-8J28-34QQ-GMCH Apache Sling Commons JSON bundle vulnerable to Improper Input Validation

Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The org.apache.sling.commons.json bundle has been...

9.8CVSS7AI score0.02187EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/09 9:51 a.m.4 views

gdk-pixbuf: heap-based buffer overflow when compositing or clearing frames in GIF files

A heap-based buffer overflow vulnerability was found in GNOME GdkPixbuf aka GDK-PixBuf when compositing or clearing frames in GIF files. The vulnerability exists due to a boundary error when processing GIF images. This flaw allows an attacker to create a specially crafted GIF image, trick the...

7.8CVSS6.2AI score0.00748EPSS
Exploits1References6
OSV
OSV
added 2023/04/15 1:15 a.m.2 views

CVE-2023-22670

A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it ...

7.8CVSS7.5AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.4 views

Corel CorelDRAW Graphics Suite 缓冲区错误漏洞

Corel CorelDRAW Graphics Suite is a vector graphics editing software from Corel Digital Technology Canada. Corel CorelDRAW Graphics Suite version 23.5.0.506 contains a buffer overflow vulnerability, which stems from a lack of proper validation of user-supplied data when parsing GIF files and can ...

5.5CVSS7.2AI score0.00807EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-2974

libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference...

2.6CVSS6.7AI score0.02583EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.2 views

SUSE CVE-2007-6697

Buffer overflow in the LWZReadByte function in IMGgif.c in SDLimage before 1.2.7 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third...

7.5CVSS8.3AI score0.10731EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.4 views

SUSE CVE-2009-1097

Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...

9.3CVSS8.1AI score0.07089EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.3 views

SUSE CVE-2013-4298

The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service memory corruption and application crash via a crafted comment in a GIF image...

4.3CVSS6.7AI score0.04688EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9709

The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...

5CVSS6.8AI score0.15531EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.4 views

SUSE CVE-2018-17436

ReadCode in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service invalid write access via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file...

6.5CVSS6.7AI score0.01312EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-10809

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service...

8.1CVSS7.8AI score0.0151EPSS
Exploits1References8
Prion
Prion
added 2022/11/30 5:15 p.m.19 views

Out-of-bounds

Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error...

5.8CVSS5.2AI score0.00852EPSS
Exploits0References6Affected Software3
Cvelist
Cvelist
added 2022/11/30 12:0 a.m.78 views

CVE-2022-46149 Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.

Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error...

5.4CVSS5.5AI score0.00852EPSS
Exploits0References6
CVE
CVE
added 2022/11/30 12:0 a.m.110 views

CVE-2022-46149

CVE-2022-46149 affects Cap'n Proto and its Rust crate. The vulnerability is an out-of-bounds read caused by logic errors when handling a list-of-pointer type, which can lead to a remote segfault and, with additional actions, memory exfiltration. The issue is present in inlined code and requires r...

5.4CVSS5.2AI score0.00852EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/11/14 7:15 a.m.3 views

CVE-2022-45198

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification...

7.5CVSS6.8AI score0.01184EPSS
Exploits0References7
PyPA
PyPA
added 2022/11/14 7:15 a.m.6 views

PYSEC-2022-42979

Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data Data Amplification...

7.5CVSS7AI score0.01184EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder