Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:20 a.m.6 views

CVE-2024-24570

Statamic is a Laravel and Git powered CMS. HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects the front-end forms with asset fields without any mime type validation, asset fields in the control panel, and asset browser in the control panel...

8.2CVSS6.4AI score0.00734EPSS
Exploits1References1
Prion
Prion
added 2021/04/13 7:15 p.m.21 views

Design/Logic Flaw

An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

6.8CVSS7.5AI score0.00807EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/13 6:8 p.m.38 views

CVE-2021-21784

An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS7.8AI score0.00807EPSS
Exploits1References1
CVE
CVE
added 2021/04/13 6:8 p.m.58 views

CVE-2021-21784

CVE-2021-21784 affects Accusoft ImageGear 19.8 and concerns an out-of-bounds write in JPG SOF marker processing. The issue stems from buffer size calculations during rasterization for multiple SOF markers: a miscalculation of width/precision can cause a do-while loop to write beyond the allocated...

9.8CVSS7.5AI score0.00807EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2021/03/02 12:0 a.m.178 views

Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8...

9.8CVSS8AI score0.00807EPSS
Exploits1
seebug.org
seebug.org
added 2014/05/10 12:0 a.m.56 views

逐浪cms两处文件上传漏洞(有服务器环境限制)

简要描述: 也是要结合iis6的解析漏洞,不知道这两处跟之前提交的会不会重复 详细说明: 由于官网不是iis6的环境 我本地进行测试 第一处 http://127.0.0.1/Plugins/ckfinder/ckfinder.html 在左边文件夹Files下新建字幕了1.asp 然后点击1.asp目录然后上传图片木马3.gif 然后右键查看文件 就可以看到文件地址了 文件地址 http://127.0.0.1/UploadFiles/files/1.asp/3.GIF 第二处 http://127.0.0.1/plugins/imageupload.aspx protected vo...

7.1AI score
Exploits0
Mozilla
Mozilla
added 2014/04/29 12:0 a.m.56 views

Out of bounds read while decoding JPG images — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a fixed offset out of bounds read issue while decoding specifically formatted JPG format images. This causes a non-exploitable crash...

6.5CVSS7.7AI score0.0316EPSS
Exploits0References2Affected Software4
Rows per page
Query Builder