Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opencv opencv vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2016-10658
native-opencv is the OpenCV library installed via npm native-opencv downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy i...
Native-opencv Project Native-opencv 3.0.0
7.8
CVSSv2
CVE-2017-12600
OpenCV (Open Source Computer Vision Library) up to and including 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case.
Opencv Opencv
7.8
CVSSv2
CVE-2017-12602
OpenCV (Open Source Computer Vision Library) up to and including 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case.
Opencv Opencv
7.5
CVSSv2
CVE-2019-10061
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) before 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing malicious users to execute arbitrary commands.
Node-opencv Project Node-opencv
6.8
CVSSv2
CVE-2019-5063
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a speci...
Opencv Opencv 4.1.0
Oracle Application Testing Suite 13.3.0.1
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Big Data Spatial And Graph
1 Github repository
6.8
CVSSv2
CVE-2019-5064
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker ...
Opencv Opencv
Oracle Application Testing Suite 13.3.0.1
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Big Data Spatial And Graph
1 Github repository
6.8
CVSSv2
CVE-2017-1000450
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12862
In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12863
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-12864
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and previous versions.
Opencv Opencv
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »