723 matches found
CVE-2024-46215
A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub445BDC function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow...
CVE-2024-41590
Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...
CVE-2024-41590
Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...
CVE-2024-41590
Several CGI endpoints are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strcpy function on DrayTek Vigor310 devices through 4.3.2.6...
DrayTek Vigor 3910 安全漏洞
The DrayTek Vigor 3910 is a high-performance router for enterprise networks from China-based DrayTek. A security vulnerability exists in the DrayTek Vigor 3910 version 4.3.2.6 and earlier versions, which stems from a missing boundary check in the strcpy function...
CVE-2024-41590
CVE-2024-41590 affects DrayTek Vigor310 routers, where the web UI CGI endpoints expose a buffer overflow via missing bounds checks on POST parameters passed to strcpy. Affected firmware includes versions up to 4.3.2.6, and exploitation requires authenticated access. The Red Hat/NCSC/PT-Security e...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-2403)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-2378)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS Virtualization 2.12.0 : python-pillow (EulerOS-SA-2024-2336)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219...
EulerOS 2.0 SP12 : python-pillow (EulerOS-SA-2024-2249)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-2148)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219...
EulerOS Virtualization 2.10.0 : python-pillow (EulerOS-SA-2024-2128)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219...
EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2024-1920)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
EulerOS 2.0 SP11 : python-pillow (EulerOS-SA-2024-1845)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.CVE-2024-28219 Tenable has...
CVE-2024-32017 Buffer overflows in RIOT
RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. The size check in the gcoapdnsserverproxyget function contains a small typo that may lead to a buffer overflow in the subsequent strcpy. In detail, t...
Ubuntu 24.04 LTS. : Pillow vulnerability (USN-6744-3)
The remote Ubuntu 24.04 LTS. host has packages installed that are affected by a vulnerability as referenced in the USN-6744-3 advisory. USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding description...
Updated python-pillow packages fix security vulnerabilities
CVE-2023-44271 Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. CVE-2024-28219 A...
OESA-2024-1451 python-pillow security update
Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \ Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. %package -n python3-pillow Summary: Python 3 image processing library Provides: python3-imaging = -...
Buffer Overflow
pillow is vulnerable to Buffer Overflow. The vulnerability is due improper use of strcpy when copying a buffer in imagingcms.c, which allows an attacker to submit a crafted image resulting in a buffer overflow...
GHSA-44WM-F244-XHP3 Pillow buffer overflow vulnerability
In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...