21 matches found
RedEdit: Agentic Red-Teaming of Image Safety Classifiers Via MCTS-Guided Photo-Editing
Image safety classifiers serve as a critical component of contemporary content moderation systems on the internet. However, their resilience against user-style malicious image editing remains underexplored. Such behaviors are highly prevalent in daily scenarios but difficult to fully reproduce. T...
Photoshop for Beginners – Overview of Top Skills and How to Hone Them
What comes to your mind when you think of Photoshop? A tool for editing and retouching photos -…...
Adobe Lightroom Desktop Buffer Overflow Vulnerability
Adobe Lightroom Desktop is a professional photo management and editing software from the American company Audobee Adobe, designed to provide photographers and image editors with powerful workflow and editing tools. Adobe Lightroom Desktop suffers from a buffer overflow vulnerability that originat...
CVE-2023-40520
The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory...
Piwigo v13.7.0 - Stored Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: Piwigo v13.7.0 - Stored Cross-Site Scripting XSS Authenticated Exploit Author: Okan Kurtulus Vendor Homepage: https://piwigo.org Version: 13.7.0 Tested on: Ubuntu 22.04 CVE : N/A Proof of Concept: 1– Install the system through the website and log in with any user authorized to uplo...
Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and...
Not quite an Easter egg: a new family of Trojan subscribers on Google Play
Every once in a while, someone will come across malicious apps on Google Play that seem harmless at first. Some of the trickiest of these are subscription Trojans, which often go unnoticed until the user finds they have been charged for services they never intended to buy. This kind of malware...
The vulnerability of the Corel PhotoPaint software lies in the ability to write beyond the buffer boundaries, allowing attackers to execute arbitrary code.
The vulnerability of the Corel PhotoPaint photo-editing software relates to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created CPT file...
Android Apps in Google Play Harvest Facebook Credentials
A set of nine malicious Android apps that steal Facebook credentials were found on Google Play, which racked up a collective 5.9 million installations before Google removed them. According to Dr. Web’s malware analysts, the applications were fully functional, so that victims remained in the dark...
Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...
MobOk Malware Hides in Photo Editors on Google Play, Siphons Cash
A powerful money-siphoning malware known as MobOk has been found hiding in seemingly legitimate photo editing apps available on the Google Play store. The Pink Camera and Pink Camera 2 apps, now removed, had been installed around 10,000 times, according to researchers at Kaspersky. They included...
[SECURITY] Fedora 30 Update: shotwell-0.31.0-2.fc30
Shotwell is an easy-to-use, fast photo organizer designed for the GNOME desktop. It allows you to import photos from your camera or disk, organize them by date and subject matter, even ratings. It also offers basic photo editing, like crop, red-eye correction, color adjustments, and straighten...
Yet Another Android Malware Infects Over 4.2 Million Google Play Store Users
Even after so many efforts by Google, malicious apps somehow managed to fool its Play Store's anti-malware protections and infect people with malicious software. The same happened once again when at least 50 apps managed to make its way onto Google Play Store and were successfully downloaded as...
Photo Editor Collage Maker Pro - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Photo Editor Collage Maker Pro published at the 'play' market has multiple vulnerabilities...
Cute Photo Editing Collages - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Cute Photo Editing Collages published at the 'play' market has multiple vulnerabilities...
Color Effects Photo Editing - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Color Effects Photo Editing published at the 'play' market has multiple vulnerabilities...
Photofy Photo Editing Collage - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Photofy Photo Editing Collage published at the 'play' market has multiple vulnerabilities...
photo editing, painted image - BSD license, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application photo editing, painted image published at the 'play' market has multiple vulnerabilities...
Thinksaas SQL注入#4
简要描述: Thinksaas SQL注入4 详细说明: 编辑图片信息: /app/photo/action/edit.php case "do": if$POST'token' != $SESSION'token' tsNotice'非法操作!'; $photoid = intval$POST'photoid'; $photoname = tsClean$POST'photoname'; $photodesc = tsClean$POST'photodesc'; $new'photo'-update'photo',array 'photoid'=$photoid, ,array...
FileStream Turbo Browser v11.6 - Buffer Overflow
Document Title: =============== FileStream Turbo Browser v11.6 - Buffer Overflow References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=491 Release Date: ============= 2012-04-10 Vulnerability Laboratory ID VL-ID: ==================================== 491 Common...