Lucene search
K

111 matches found

OSV
OSV
added 2023/06/17 11:5 a.m.4 views

OESA-2023-1350 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.8CVSS7.4AI score0.03161EPSS
Exploits2References3
NVD
NVD
added 2023/05/30 10:15 p.m.25 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8CVSS8AI score0.03161EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2023/05/30 10:15 p.m.4 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8CVSS7.1AI score0.03161EPSS
Exploits1References8
AlpineLinux
AlpineLinux
added 2023/05/30 10:15 p.m.32 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8CVSS7.6AI score0.03161EPSS
Exploits1References6
Prion
Prion
added 2023/05/30 10:15 p.m.29 views

Command injection

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

4.4CVSS8.8AI score0.03161EPSS
Exploits1References5Affected Software4
SUSE CVE
SUSE CVE
added 2023/05/30 2:22 a.m.4 views

SUSE CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.5CVSS7.6AI score0.03161EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/05/30 12:0 a.m.53 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

9.1AI score0.03161EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/05/30 12:0 a.m.9 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8AI score0.03161EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2023/05/30 12:0 a.m.43 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8CVSS7AI score0.03161EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2023/05/29 5:40 a.m.27 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This issue may allow shell command injection via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

7.8CVSS7.5AI score0.03161EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/03 12:0 a.m.3 views

libwebp 资源管理错误漏洞

libwebp is a library for encoding and decoding the WebP image format. A resource management error vulnerability exists in libwebp that stems from a lack of memory in the VP8 encoder, which can lead to memory reuse after release...

7.5CVSS7.2AI score0.00952EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.4 views

SUSE CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

6.5CVSS6.9AI score0.01143EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.3 views

PT-2022-6611 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iOS versions prior to 15.7.2 iPadOS versions prior to 16.2 iPadOS versions prior to 15.7.2 Description: The issue is related to a buffer overflow in the graphics driver of iOS and iPadOS, caused by incorrect video...

5.5CVSS7AI score0.00335EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.3 views

PT-2022-6612 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 Description: The issue is related to a buffer overflow in memory due to incorrect video rendering with H.264 encoding. This can allow an attacker to execute arbitrary code with kernel...

7.8CVSS7.6AI score0.00387EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.2 views

PT-2022-6610 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.7.1 iOS versions prior to 16.1 iPadOS versions prior to 15.7.1 iPadOS versions prior to 16 Description: The issue is related to a buffer overflow in the graphics driver of iOS and iPadOS, caused by incorrect video...

7.8CVSS7.7AI score0.0026EPSS
Exploits0References4
CNVD
CNVD
added 2022/06/17 12:0 a.m.27 views

Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2022-59678)

Microsoft HEVC Video Extensions is a video extension application from Microsoft Corporation USA. The application enables computers and devices to read High Efficiency Video Encoding or HEVC video. Microsoft HEVC Video Extensions has a remote code execution vulnerability and no details of the...

7.8CVSS3.1AI score0.02576EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/16 12:0 a.m.150 views

Adobe Media Encoder Memory Corruption Vulnerability (CNVD-2022-50236)

Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. A memory corruption vulnerability exists in Adobe Media Encoder version 15.4 and earlier versions, which can be exploited by an attacker to execute arbitrary code in the context of the current...

7.8CVSS7.6AI score0.01869EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/03 12:0 a.m.5 views

The vulnerability of the ffmpeg software for video surveillance management systems, ZoneMinder, exists due to an incorrect path name limitation for the restricted access directory. This allows attackers to execute arbitrary code.

The vulnerability of the ffmpeg software used by ZoneMinder involves incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the host with the software running...

9.1CVSS6AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/02/10 12:0 a.m.18 views

Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2022-23477)

Microsoft HEVC Video Extensions is a video extension application from Microsoft Corporation USA. The application enables computers and devices to read High Efficiency Video Encoding or HEVC video. Microsoft HEVC Video Extensions has a remote code execution vulnerability and no details of the...

7.8CVSS3.1AI score0.02258EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/10 12:0 a.m.15 views

Microsoft HEVC Video Extensions Remote Code Execution Vulnerability (CNVD-2022-23475)

Microsoft HEVC Video Extensions is a video extension application from Microsoft Corporation USA. The application enables computers and devices to read High Efficiency Video Encoding or HEVC video. Microsoft HEVC Video Extensions has a remote code execution vulnerability and no details of the...

7.8CVSS3.1AI score0.02258EPSS
Exploits0References1
Rows per page
Query Builder