Lucene search
+L

563 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.3 views

SUSE CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

4.4CVSS6.8AI score0.01245EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/05/20 10:51 p.m.25 views

CVE-2020-19499

A flaw was found in libheif. This flaw allows attackers to cause a denial of service and other unspecified impacts due to an invalid memory read. The highest threat from this vulnerability is to system availability...

8.8CVSS6AI score0.01368EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.6 views

The vulnerability of the `heif::Box_iref::get_references` function in the Libheif library for encoding and decoding HEIF and AVIF files involves reading data beyond the permissible buffer limits. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the heif::Boxiref::getreferences function in the HEIF and AVIF file encoding/decoding library Libheif lies in the reading of data beyond the permissible buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity...

9.3CVSS7.8AI score0.01368EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.7 views

The vulnerability of the Fraction function in the libheif/box.cc component of the HEIF and AVIF encoding/decoding library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Fraction function in the libheif/box.cc component of the HEIF and AVIF encoding/decoding library allows attackers to exploit it remotely. This enables them to access confidential data, compromise its integrity, and cause service failures...

9.3CVSS7.5AI score0.01368EPSS
Exploits1References5Affected Software2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2019-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01838EPSS
Exploits1References5
Veracode
Veracode
added 2021/11/05 12:59 p.m.20 views

Denial Of Service (DoS) Through Heap Buffer Overflow

libheif.so is vulnerable to denial of service through heap-based buffer overflow attacks. The vulnerability exists in 'convertcolorspace' in 'heifcolorconversion.cc' of the heif file handler. A malicious attacker is able to send a crafted HEIF to gain sensitive information and cause an applicatio...

8.1CVSS3AI score0.01245EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/11/04 12:0 a.m.20 views

libheif buffer overflow vulnerability

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.6.2 contains a buffer overflow vulnerability in the convertcolorspace function in heifcolorconversion.cc. An attacker can exploit this vulnerability to cause a denial of service and disclose sensitive...

8.1CVSS4.7AI score0.01245EPSS
Exploits1References1
NVD
NVD
added 2021/11/03 5:15 p.m.25 views

CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS0.01245EPSS
Exploits1References1
OSV
OSV
added 2021/11/03 5:15 p.m.4 views

DEBIAN-CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS7.8AI score0.01245EPSS
Exploits1References1
OSV
OSV
added 2021/11/03 5:15 p.m.17 views

CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2021/11/03 5:15 p.m.13 views

Buffer overflow

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

5.8CVSS7.7AI score0.01245EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/11/03 5:15 p.m.22 views

CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS7.2AI score0.01245EPSS
Exploits1References2
OSV
OSV
added 2021/11/03 5:15 p.m.2 views

UBUNTU-CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS7.3AI score0.01245EPSS
Exploits1References3
CVE
CVE
added 2021/11/03 4:7 p.m.60 views

CVE-2020-23109

CVE-2020-23109 : A buffer overflow in libheif 1.6.2 (function convert_colorspace in heif_colorconversion.cc) can be triggered by a crafted HEIF file, enabling denial of service and potential information disclosure. Connected advisories confirm affected packages and that a fix is available in libh...

8.1CVSS7.7AI score0.01245EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/11/03 4:7 p.m.28 views

CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

7.8AI score0.01245EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/11/03 4:7 p.m.19 views

CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

8.1CVSS8.1AI score0.01245EPSS
Exploits1
CNNVD
CNNVD
added 2021/11/03 12:0 a.m.8 views

libheif 缓冲区错误漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.6.2 contains a buffer overflow vulnerability in the convertcolorspace function in heifcolorconversion.cc. An attacker can exploit this vulnerability to cause a denial of service and disclose sensitive...

8.1CVSS6AI score0.01245EPSS
Exploits1References3
CNVD
CNVD
added 2021/07/22 12:0 a.m.21 views

libheif Denial of Service Vulnerability (CNVD-2022-06517)

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.4.0 suffers from a denial-of-service vulnerability. The vulnerability stems from a floating-point exception in the Fraction function. An attacker could exploit this vulnerability to cause a denial of servi...

8.8CVSS3.8AI score0.01368EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/22 12:0 a.m.18 views

libheif Denial of Service Vulnerability

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.4.0 contains a denial-of-service vulnerability in heif::Boxiref::getreferences. The vulnerability stems from an invalid memory read. An attacker could exploit this vulnerability to cause a denial of servic...

8.8CVSS4.2AI score0.01368EPSS
Exploits1References1
NVD
NVD
added 2021/07/21 6:15 p.m.21 views

CVE-2020-19499

An issue was discovered in heif::Boxiref::getreferences in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read...

8.8CVSS0.01368EPSS
Exploits1References2
Rows per page
Query Builder