155 matches found
CVE-2019-12222
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...
UBUNTU-CVE-2019-12220
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an out-of-bounds read in the SDL function SDLFreePaletteREAL at video/SDLpixels.c...
UBUNTU-CVE-2019-12222
An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...
DEBIAN-CVE-2019-7636
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDLGetRGB in video/SDLpixels.c...
ALPINE-CVE-2019-7638
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...
DEBIAN-CVE-2019-7638
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...
UBUNTU-CVE-2019-7638
SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDLpixels.c...
CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
dcraw buffer overflow vulnerability (CNVD-2019-00792)
dcraw is a U.S. software developer David J. Coffin developed a set of open source for the camera to shoot the RAW film into PPM or TIFF format picture tool . A buffer overflow vulnerability exists in cropmaskedpixels in dcraw 9.28 and earlier versions, which can be exploited by an attacker to cra...
DEBIAN-CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
UBUNTU-CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
DEBIAN-CVE-2018-16323
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the...
UBUNTU-CVE-2018-16323
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the...
libbpg libavcodec Buffer Overflow Vulnerability
libbpg is a new image format library. libavcodec is one of the general-purpose encoding/decoding libraries. A buffer overflow vulnerability exists in the 'restoretqbpixels' function in the hevcfilter.c file of libavcodec in libbpg version 0.9.8 and other products. A remote attacker could exploit...
Apple Blocks Sites From Abusing HSTS Security Standard to Track Users
If you are unaware, the security standard HTTP Strict Transport Security HSTS can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source...
CVE-2018-7714
DISPUTED The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which...
CVE-2018-7714
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...
CVE-2018-7714
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because pixels = 130 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can raise...
Infogram: Memory Corruption via Large Pixels
A memory corruption vulnerability was reported in an image processing service. By uploading a maliciously crafted image with extremely large dimensions, an attacker could cause the service to allocate an excessive amount of memory during image processing, potentially leading to memory corruption...
ImageMagick 'PersistPixelCache' Function Denial of Service Vulnerability
ImageMagick is a set of open source image processing software. The software can read, convert and write images in a variety of formats. A security vulnerability exists in the 'PersistPixelCache' function of the magick/cache.c file in ImageMagick. A remote attacker can exploit this vulnerability...