Lucene search
K

147 matches found

Positive Technologies
Positive Technologies
added 2021/10/07 12:0 a.m.4 views

PT-2021-7979 · Unknown +3 · Stb Image.H +3

Name of the Vulnerable Software and Affected Versions: stb image.h versions 1.33 through 2.27 Description: The issue is related to the HDR loader in stb image.h, which parses truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. This could allow a remote attacker to cau...

8.8CVSS5.9AI score0.02069EPSS
Exploits6References77
OSV
OSV
added 2021/09/28 4:15 p.m.3 views

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file.0xa74...

7.8CVSS7.6AI score
Exploits0References1
OSV
OSV
added 2021/09/28 4:15 p.m.4 views

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

7.8CVSS6.3AI score0.00969EPSS
Exploits0References1
OSV
OSV
added 2021/09/28 4:15 p.m.6 views

CVE-2021-29360

A buffer overflow vulnerability in FORMATS!ReadUtahRLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

7.8CVSS6.3AI score0.00969EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.6 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview is vulnerable to a buffer error that can be exploited by attackers to execute arbitrary code via a crafted RLE file...

7.8CVSS8.2AI score0.00969EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.8 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8CVSS8.2AI score0.00969EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.6 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8CVSS8.2AI score0.00969EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/28 12:0 a.m.6 views

IrfanView 缓冲区错误漏洞

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

7.8CVSS8.2AI score0.00969EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/09 12:0 a.m.5 views

Vulnerability of the pcx_write_rle() function (contrib/japanese/gdev10v.c) in the software suite for processing, transforming, and generating Ghostscript documents, allowing a hacker to trigger a service failure

The vulnerability of the pcxwriterle function contrib/japanese/gdev10v.c in the software suite for processing, transforming, and generating Ghostscript documents is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

5.3CVSS6.8AI score0.02252EPSS
Exploits1References14Affected Software3
OSV
OSV
added 2021/01/12 9:15 a.m.1 views

DEBIAN-CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

5.4CVSS6.1AI score0.01573EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/11 12:0 a.m.7 views

Pillow 缓冲区错误漏洞

Gentoo is an open source Linux system from the Gentoo Foundation. Gentoo Linux prior to version 8.1.0 suffers from a buffer overflow vulnerability that stems from improper handling of system offsets and length tables, where SGIRleDecode has a 4-byte buffer overflow when decoding a carefully craft...

5.8CVSS6.8AI score0.01573EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2020/12/22 12:0 a.m.6 views

The vulnerability of the Pillow image processing library, related to writing data beyond the buffer boundary in memory during the conversion from SGI images to RLE format, allows a hacker to trigger a service denial.

The vulnerability of the Pillow image processing library is related to the writing of data beyond the buffer boundary in memory during the conversion of SGI images to RLE format. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

10CVSS6.7AI score0.04212EPSS
Exploits0References7Affected Software5
OSV
OSV
added 2020/06/25 7:15 p.m.3 views

UBUNTU-CVE-2020-11538

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...

8.1CVSS6.7AI score0.02514EPSS
Exploits0References7
OSV
OSV
added 2020/04/14 11:15 p.m.1 views

DEBIAN-CVE-2020-11760

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp...

5.5CVSS6.7AI score0.01807EPSS
Exploits1References1
OSV
OSV
added 2020/04/14 11:15 p.m.3 views

UBUNTU-CVE-2020-11760

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp...

5.5CVSS6.8AI score0.01807EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/02/24 12:59 p.m.4 views

python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c

An out-of-bounds write flaw was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system...

9.8CVSS7.2AI score0.04212EPSS
Exploits0References4
PyPA
PyPA
added 2020/01/03 1:15 a.m.6 views

PYSEC-2020-82

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...

9.8CVSS7.2AI score0.04212EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2020/01/03 1:15 a.m.3 views

PYSEC-2020-82

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...

9.8CVSS7AI score0.04212EPSS
Exploits0References9
PyPA
PyPA
added 2019/11/08 7:15 p.m.6 views

PYSEC-2019-196

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

7.5CVSS7.6AI score0.04711EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2019/11/08 6:4 p.m.4 views

CVE-2019-12410

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

7.5CVSS7.3AI score0.04711EPSS
Exploits0
Rows per page
Query Builder