314 matches found
CVE-2021-21833
An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
Input validation
An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...
PT-2021-14803 · Accusoft · Accusoft Imagegear
Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: An issue exists in the TIF IP planar raster unpack functionality where improper array index validation can occur. This can be triggered by a specially crafted malformed file, leading to an...
Moderate: Red Hat Security Advisory: sane-backends security update
An update for sane-backends is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: sane-backends security update
Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access to any raster image scanner hardware for example, flatbed scanners, hand-held scanners, video and still cameras, and frame-grabbers. Security Fixes:...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An information disclosure vulnerability exists in Google Android 11. The vulnerability is caused due to an out-of-bounds read due to a lack of bounds checking in the RasterIntraUpdate of...
PT-2021-5706 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Windows GDI component and is caused by insufficient access restrictions when handling raster objects. This can allow an attacker to elevate their privileges and...
CVE-2021-29095 ArcGIS Server image service and raster analytics security update: uninitialized pointer
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...
CVE-2021-29093 ArcGIS Server image service and raster analytics security update: use-after-free
A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...
CVE-2021-28307
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...
Null pointer dereference
An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...
CVE-2021-28307
CVE-2021-28307 affects the Rust crate fltk before version 0.15.3 . The issue is a NULL pointer dereference during attempted use of a non-raster image for a window icon. Multiple connected advisories (Red Hat, OSV, GHSA) reiterate this flaw; no patch/version remediation details are provided in the...
The vulnerability of the mj_raster_cmd() function (contrib/japanese/gdevmjc.c) in the software suite for processing Ghostscript document conversion and generation is related to writing beyond the buffer boundaries, allowing an attacker to trigger a service failure.
The vulnerability of the mjrastercmd function contrib/japanese/gdevmjc.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond the buffer boundaries. Exploiting this vulnerability may allow a malicious actor to cause service failures...
Multiple memory safety issues
Affected versions contain multiple memory safety issues, such as: - Setting a multi label type where an image doesn't exist would lead to a NULL pointer dereference. - Setting a window icon using a non-raster image which FLTK rasterizes lazily would lead to a NULL dereference. - Pixmap constructo...
PT-2021-6714 · Libsixel +1 · Libsixel +1
Name of the Vulnerable Software and Affected Versions: Libsixel versions prior to 1.8.3 Description: The issue is related to a stack buffer overflow in the gif process raster function at fromgif.c, which can be exploited by a remote attacker to cause a denial of service. Recommendations: For...
Artifex Software Ghostscript Buffer Overflow Vulnerability (CNVD-2020-46244)
Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-PostScrip...
ALPINE-CVE-2020-16292
A buffer overflow vulnerability in mjrastercmd in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...
Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-13500)
Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the PNG raster image parser in Accusoft ImageGear version 19.5.0. The vulnerability can be exploited by an attacker to execute code with the help of a specially...
CVE-2019-19363
An issue was discovered in Ricoh including Savin and Lanier Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX...
Design/Logic Flaw
An issue was discovered in Ricoh including Savin and Lanier Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX...