Lucene search
K

155 matches found

OSV
OSV
added 2019/05/20 5:29 p.m.26 views

CVE-2019-12222

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...

6.5CVSS6.5AI score
Exploits0References8
OSV
OSV
added 2019/05/20 5:29 p.m.2 views

UBUNTU-CVE-2019-12220

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an out-of-bounds read in the SDL function SDLFreePaletteREAL at video/SDLpixels.c...

6.5CVSS6.8AI score0.0187EPSS
Exploits1References3
OSV
OSV
added 2019/05/20 5:29 p.m.2 views

UBUNTU-CVE-2019-12222

An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...

6.5CVSS6.9AI score0.01931EPSS
Exploits1References3
OSV
OSV
added 2019/02/08 11:29 a.m.1 views

DEBIAN-CVE-2019-7636

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDLGetRGB in video/SDLpixels.c...

8.1CVSS9.4AI score0.02879EPSS
Exploits1References1
OSV
OSV
added 2019/02/08 11:29 a.m.2 views

ALPINE-CVE-2019-7638

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...

8.8CVSS7.2AI score0.02959EPSS
Exploits1References1
OSV
OSV
added 2019/02/08 11:29 a.m.1 views

DEBIAN-CVE-2019-7638

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...

8.8CVSS6.8AI score0.02959EPSS
Exploits1References1
OSV
OSV
added 2019/02/08 12:0 a.m.3 views

UBUNTU-CVE-2019-7638

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...

8.8CVSS6.9AI score0.02959EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2018/12/06 10:19 a.m.24 views

CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.1CVSS2.9AI score0.01075EPSS
Exploits0References2
CNVD
CNVD
added 2018/11/27 12:0 a.m.4 views

dcraw buffer overflow vulnerability (CNVD-2019-00792)

dcraw is a U.S. software developer David J. Coffin developed a set of open source for the camera to shoot the RAW film into PPM or TIFF format picture tool . A buffer overflow vulnerability exists in cropmaskedpixels in dcraw 9.28 and earlier versions, which can be exploited by an attacker to cra...

7.1CVSS7AI score0.01075EPSS
Exploits0References1
OSV
OSV
added 2018/11/26 8:29 p.m.3 views

DEBIAN-CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.1CVSS7.3AI score0.01075EPSS
Exploits0References1
OSV
OSV
added 2018/11/26 8:29 p.m.5 views

UBUNTU-CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

7.1CVSS6.8AI score0.01075EPSS
Exploits0References4
OSV
OSV
added 2018/09/01 6:29 p.m.1 views

DEBIAN-CVE-2018-16323

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the...

6.5CVSS6.8AI score0.49324EPSS
Exploits3References1
OSV
OSV
added 2018/09/01 12:0 a.m.6 views

UBUNTU-CVE-2018-16323

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the...

6.5CVSS6.8AI score0.49324EPSS
Exploits3References4
CNVD
CNVD
added 2018/06/20 12:0 a.m.2 views

libbpg libavcodec Buffer Overflow Vulnerability

libbpg is a new image format library. libavcodec is one of the general-purpose encoding/decoding libraries. A buffer overflow vulnerability exists in the 'restoretqbpixels' function in the hevcfilter.c file of libavcodec in libbpg version 0.9.8 and other products. A remote attacker could exploit...

8.8CVSS9.1AI score0.03759EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2018/03/20 10:8 a.m.60 views

Apple Blocks Sites From Abusing HSTS Security Standard to Track Users

If you are unaware, the security standard HTTP Strict Transport Security HSTS can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source...

6.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2018/03/08 11:19 p.m.25 views

CVE-2018-7714

DISPUTED The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which...

7.5CVSS6.1AI score0.02313EPSS
Exploits0References1
NVD
NVD
added 2018/03/05 11:29 p.m.14 views

CVE-2018-7714

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...

7.5CVSS7.4AI score0.02313EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/03/05 11:0 p.m.19 views

CVE-2018-7714

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...

7.4AI score0.02313EPSS
Exploits0References2
Hacker One
Hacker One
added 2017/10/24 3:4 p.m.15 views

Infogram: Memory Corruption via Large Pixels

A memory corruption vulnerability was reported in an image processing service. By uploading a maliciously crafted image with extremely large dimensions, an attacker could cause the service to allocate an excessive amount of memory during image processing, potentially leading to memory corruption...

7AI score
Exploits0
CNVD
CNVD
added 2017/09/13 12:0 a.m.3 views

ImageMagick 'PersistPixelCache' Function Denial of Service Vulnerability

ImageMagick is a set of open source image processing software. The software can read, convert and write images in a variety of formats. A security vulnerability exists in the 'PersistPixelCache' function of the magick/cache.c file in ImageMagick. A remote attacker can exploit this vulnerability...

6.5CVSS7.2AI score0.02163EPSS
Exploits1References1
Rows per page
Query Builder