Lucene search
K

1737 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2020:3749-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.5AI score0.00504EPSS
Exploits0References11
OSV
OSV
added 2021/03/29 4:35 p.m.5 views

GHSA-8XJQ-8FCG-G5HW Out-of-bounds Write in Pillow

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

8.7CVSS6.9AI score0.02372EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2021/03/29 4:35 p.m.48 views

Out-of-bounds Write in Pillow

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS2.4AI score0.02372EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/03/19 4:15 a.m.17 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS7.4AI score
Exploits0References3
NVD
NVD
added 2021/03/19 4:15 a.m.21 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS0.02372EPSS
Exploits0References3
OSV
OSV
added 2021/03/19 4:15 a.m.2 views

DEBIAN-CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.9AI score0.02372EPSS
Exploits0References1
PyPA
PyPA
added 2021/03/19 4:15 a.m.4 views

PYSEC-2021-36

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.9AI score0.02372EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/03/19 4:15 a.m.17 views

Code injection

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

5CVSS8.2AI score0.02372EPSS
Exploits0References3Affected Software2
Debian CVE
Debian CVE
added 2021/03/19 3:29 a.m.26 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.8AI score0.02372EPSS
Exploits0
Cvelist
Cvelist
added 2021/03/19 3:29 a.m.25 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

8.7AI score0.02372EPSS
Exploits0References3
CVE
CVE
added 2021/03/19 3:29 a.m.370 views

CVE-2021-25290

Pillow up to version 8.1.1 contains a vulnerability in the TIFF image reader: a negative-offset memcpy with an invalid size in TiffDecode.c. This can lead to memory corruption. The issue is documented as CVE-2021-25290 and is referenced in multiple advisories (e.g., Debian, AlmaLinux, Amazon Linu...

7.5CVSS8.3AI score0.02372EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2021/03/19 3:29 a.m.44 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS8.6AI score0.02372EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.39 views

Fedora 33 : mingw-python-pillow / python-pillow / python2-pillow (2021-15845d3abe)

The remote Fedora 33 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-15845d3abe advisory. - In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts...

9.8CVSS7.4AI score0.04851EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/03/12 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1600)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.7AI score0.05223EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/11 12:0 a.m.2 views

Pillow 缓冲区错误漏洞

Pillow is a Python-based image processing library. buffer overflow vulnerability exists in versions of Pillow prior to 8.1.1, which stems from the presence of a negative offset memcpy with an invalid size in TiffDecode.c. No details of the vulnerability are currently available...

7.5CVSS5.9AI score0.02372EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.30 views

EulerOS Virtualization 2.9.1 : glibc (EulerOS-SA-2021-1600)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on...

8.1CVSS7.2AI score0.05223EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2021/03/03 12:0 a.m.16 views

CVE-2021-252890

In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

5.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/03/03 12:0 a.m.31 views

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.9AI score0.02372EPSS
Exploits0References4
OSV
OSV
added 2021/03/03 12:0 a.m.1 views

UBUNTU-CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.9AI score0.02372EPSS
Exploits0References5
Amazon
Amazon
added 2021/02/20 12:0 a.m.77 views

Important: glibc

Issue Overview: The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial...

8.1CVSS7.2AI score0.05223EPSS
Exploits1
Rows per page
Query Builder