528 matches found
CVE-2019-17545
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
GDAL Double Free Vulnerability
GDAL is an open source software library for manipulating various raster and vector geospatial data formats. A poolDestroy double-free vulnerability exists in OGRExpatRealloc in ogr/ogrexpat.cpp in GDAL 3.0.1 and earlier when the 10MB threshold is exceeded, and no detailed vulnerability details...
CVE-2019-15105
An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a...
CVE-2019-15104
An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious...
The vulnerability of the AdaptiveThresholdImage function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or expose protected information.
The vulnerability of the AdaptiveThresholdImage function in MagickCore/threshold.c in the console-based image editing tool ImageMagick involves reading data beyond the buffer boundaries in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or reveal...
CVE-2019-13297
A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on the range of intensity values in its local neighborhood due to a height of zero mishandle error. Applications compiled against ImageMagick libraries that accept...
CVE-2019-13295
A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on the range of intensity values in its local neighborhood due to a width of zero mishandle error. Applications compiled against ImageMagick libraries that accept...
DEBIAN-CVE-2019-13297
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled...
ALPINE-CVE-2019-13297
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled...
UBUNTU-CVE-2019-13295
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled...
UBUNTU-CVE-2019-13297
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled...
ImageMagick heap buffer overflow vulnerability (CNVD-2019-21666)
ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. A buffer overflow vulnerability exists in the 'AdaptiveThresholdImage' functi...
ImageMagick heap buffer overflow vulnerability (CNVD-2019-21660)
ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. A buffer overflow vulnerability exists in the 'AdaptiveThresholdImage' functi...
PT-2019-2866 · Imagemagick +4
Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a heap-based buffer over-read in the AdaptiveThresholdImage function, located in MagickCore/threshold.c. This occurs due to improper handling of a zero-width value. Exploitati...
PT-2019-2861 · Imagemagick +4
Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-50 Q16 Description: The issue is related to a heap-based buffer over-read in the AdaptiveThresholdImage function at MagickCore/threshold.c. This occurs because a height of zero is mishandled. Exploitation of this iss...
HPE Intelligent Management Center (IMC) deviceThresholdConfig expression language injection remote code execution vulnerability
HPE Intelligent Management Center (IMC) is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security (FCAPS) model. A deviceThresholdConfig expression language injection remote code execution vulnerability exists in HPE...
eVisitorPass elevation of privilege vulnerability (CNVD-2019-12476)
Threshold eVisitorPass is a visitor management system from Threshold Canada. A privilege escalation vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker can exploit the vulnerability by accessing the self-service server and clicking on the full-screen button to close the program a...
eVisitorPass Elevation of Privilege Vulnerability
Threshold eVisitorPass is a visitor management system from Threshold Canada. A privilege escalation vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker could use this vulnerability to open the task manager, terminate processes, or start other processes...
eVisitorPass Default Management Credentials Vulnerability
Threshold eVisitorPass is a visitor management system from Threshold Canada. A security vulnerability exists in Threshold eVisitorPass version 1.5.5.2 that stems from the program's use of default administrative credentials. A local attacker could exploit the vulnerability to gain full access to t...
eVisitorPass elevation of privilege vulnerability (CNVD-2019-08629)
Threshold eVisitorPass is a visitor management system from Threshold Canada. A privilege escalation vulnerability exists in Threshold eVisitorPass version 1.5.5.2. A local attacker can exploit the vulnerability to launch a command window...