Lucene search
+L

314 matches found

OSV
OSV
added 2021/06/11 5:15 p.m.3 views

CVE-2021-21833

An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS7.3AI score0.01428EPSS
Exploits1References1
Prion
Prion
added 2021/06/11 5:15 p.m.16 views

Input validation

An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability...

7.5CVSS9.2AI score0.01428EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/06/11 12:0 a.m.6 views

PT-2021-14803 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: An issue exists in the TIF IP planar raster unpack functionality where improper array index validation can occur. This can be triggered by a specially crafted malformed file, leading to an...

9.8CVSS9.2AI score0.01428EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/05/18 1:56 p.m.27 views

Moderate: Red Hat Security Advisory: sane-backends security update

An update for sane-backends is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

5.5CVSS6.7AI score0.00497EPSS
Exploits1References3
AlmaLinux
AlmaLinux
added 2021/05/18 5:58 a.m.28 views

Moderate: sane-backends security update

Scanner Access Now Easy SANE is a universal scanner interface. The SANE application programming interface API provides standardized access to any raster image scanner hardware for example, flatbed scanners, hand-held scanners, video and still cameras, and frame-grabbers. Security Fixes:...

5.5CVSS6.1AI score0.00497EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/05/03 12:0 a.m.4 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An information disclosure vulnerability exists in Google Android 11. The vulnerability is caused due to an out-of-bounds read due to a lack of bounds checking in the RasterIntraUpdate of...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/04/27 12:0 a.m.2 views

PT-2021-5706 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Windows GDI component and is caused by insufficient access restrictions when handling raster objects. This can allow an attacker to elevate their privileges and...

7.8CVSS7.7AI score0.00982EPSS
Exploits0References8
Cvelist
Cvelist
added 2021/03/25 8:34 p.m.17 views

CVE-2021-29095 ArcGIS Server image service and raster analytics security update: uninitialized pointer

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...

6.4CVSS7AI score0.00883EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/25 8:32 p.m.19 views

CVE-2021-29093 ArcGIS Server image service and raster analytics security update: use-after-free

A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...

6.4CVSS7AI score0.00948EPSS
Exploits0References1
OSV
OSV
added 2021/03/12 9:15 a.m.12 views

CVE-2021-28307

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...

7.5CVSS6.8AI score0.01278EPSS
Exploits0References1
Prion
Prion
added 2021/03/12 9:15 a.m.10 views

Null pointer dereference

An issue was discovered in the fltk crate before 0.15.3 for Rust. There is a NULL pointer dereference during attempted use of a non-raster image for a window icon...

5CVSS7.5AI score0.0113EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/12 8:15 a.m.66 views

CVE-2021-28307

CVE-2021-28307 affects the Rust crate fltk before version 0.15.3 . The issue is a NULL pointer dereference during attempted use of a non-raster image for a window icon. Multiple connected advisories (Red Hat, OSV, GHSA) reiterate this flaw; no patch/version remediation details are provided in the...

7.5CVSS8.2AI score0.0113EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/09 12:0 a.m.5 views

The vulnerability of the mj_raster_cmd() function (contrib/japanese/gdevmjc.c) in the software suite for processing Ghostscript document conversion and generation is related to writing beyond the buffer boundaries, allowing an attacker to trigger a service failure.

The vulnerability of the mjrastercmd function contrib/japanese/gdevmjc.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond the buffer boundaries. Exploiting this vulnerability may allow a malicious actor to cause service failures...

4.3CVSS6.8AI score0.01988EPSS
Exploits1References15Affected Software4
RustSec
RustSec
added 2021/03/06 12:0 p.m.20 views

Multiple memory safety issues

Affected versions contain multiple memory safety issues, such as: - Setting a multi label type where an image doesn't exist would lead to a NULL pointer dereference. - Setting a window icon using a non-raster image which FLTK rasterizes lazily would lead to a NULL dereference. - Pixmap constructo...

9.1CVSS1.4AI score0.01278EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/30 12:0 a.m.2 views

PT-2021-6714 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: Libsixel versions prior to 1.8.3 Description: The issue is related to a stack buffer overflow in the gif process raster function at fromgif.c, which can be exploited by a remote attacker to cause a denial of service. Recommendations: For...

9.8CVSS6AI score0.01551EPSS
Exploits21References68
CNVD
CNVD
added 2020/08/14 12:0 a.m.2 views

Artifex Software Ghostscript Buffer Overflow Vulnerability (CNVD-2020-46244)

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-PostScrip...

5.5CVSS8.1AI score0.01988EPSS
Exploits1References1
OSV
OSV
added 2020/08/13 3:15 a.m.2 views

ALPINE-CVE-2020-16292

A buffer overflow vulnerability in mjrastercmd in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51...

5.5CVSS7AI score0.01988EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/24 12:0 a.m.3 views

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-13500)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the PNG raster image parser in Accusoft ImageGear version 19.5.0. The vulnerability can be exploited by an attacker to execute code with the help of a specially...

9.8CVSS7.8AI score0.03687EPSS
Exploits1References1
NVD
NVD
added 2020/01/24 6:15 p.m.41 views

CVE-2019-19363

An issue was discovered in Ricoh including Savin and Lanier Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX...

7.8CVSS8.1AI score0.04566EPSS
Exploits8References5
Prion
Prion
added 2020/01/24 6:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Ricoh including Savin and Lanier Windows printer drivers prior to 2020 that allows attackers local privilege escalation. Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX...

4.6CVSS7.6AI score0.04566EPSS
Exploits8References5Affected Software2
Rows per page
Query Builder