Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
image processing project image processing vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-3061
A vulnerability was found in code-projects Agro-School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file btn_functions.php of the component Attachment Image Handler. The manipulation leads to unrestricted upload. The attack m...
Agro-school Management System Project Agro-school Management System 1.0
9.8
CVSSv3
CVE-2023-24538
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the act...
Golang Go
2 Github repositories
9.8
CVSSv3
CVE-2022-24720
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the malicious user to execute sh...
Image Processing Project Image Processing
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2010-1205
Buffer overflow in pngpread.c in libpng prior to 1.2.44 and 1.4.x prior to 1.4.3, as used in progressive applications, might allow remote malicious users to execute arbitrary code via a PNG image that triggers an additional data row.
Libpng Libpng
Google Chrome
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X Server
Apple Mac Os X
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Vmware Player
Vmware Workstation
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
1 EDB exploit
8.8
CVSSv3
CVE-2015-7801
Use-after-free vulnerability in OptiPNG 0.6.4 allows remote malicious users to execute arbitrary code via a crafted PNG file.
Optipng Project Optipng
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
8.8
CVSSv3
CVE-2016-3982
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG prior to 0.7.6 allows remote malicious users to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-bas...
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Optipng Project Optipng
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
8.8
CVSSv3
CVE-2010-4199
Google Chrome prior to 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
8.1
CVSSv3
CVE-2016-10652
prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks.
Prebuild-lwip Project Prebuild-lwip
7.8
CVSSv3
CVE-2017-1000229
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an malicious user to remotely execute code or cause denial of service.
Optipng Project Optipng 0.7.6
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2016-8693
Double free vulnerability in the mem_close function in jas_stream.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Jasper Project Jasper
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »