Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
image processing project image processing vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG prior to 0.7.6, allows remote malicious users to cause a denial of service (uninitialized memory read) via a crafted GIF file.
Optipng Project Optipng 0.7.5
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
9.3
CVSSv2
CVE-2015-7801
Use-after-free vulnerability in OptiPNG 0.6.4 allows remote malicious users to execute arbitrary code via a crafted PNG file.
Optipng Project Optipng
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2016-2533
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow prior to 3.1.1 and Python Imaging Library (PIL) 1.1.7 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted PhotoCD file.
Python Imaging Project Python Imaging
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
9.3
CVSSv2
CVE-2016-3981
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG prior to 0.7.6 allows remote malicious users to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
Optipng Project Optipng
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2016-3982
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG prior to 0.7.6 allows remote malicious users to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-bas...
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Optipng Project Optipng
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2015-7673
io-tga.c in gdk-pixbuf prior to 2.32.0 uses heap memory after its allocation failed, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
Opensuse Opensuse 13.2
Gnome Gdk-pixbuf
6.8
CVSSv2
CVE-2015-7674
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf prior to 2.32.1 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buff...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Gnome Gdk-pixbuf
Opensuse Opensuse 13.2
4.3
CVSSv2
CVE-2015-3885
Integer overflow in the ljpeg_start function in dcraw 7.00 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Dcraw Project Dcraw
Fedoraproject Fedora 21
2.6
CVSSv2
CVE-2013-0169
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote malicious...
Openssl Openssl
Oracle Openjdk 1.7.0
Oracle Openjdk 1.6.0
Polarssl Polarssl 0.14.2
Polarssl Polarssl 0.11.0
Polarssl Polarssl 1.0.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 1.1.3
Polarssl Polarssl 0.12.1
Polarssl Polarssl 0.99
Polarssl Polarssl 0.11.1
Polarssl Polarssl 1.1.4
Polarssl Polarssl 0.14.0
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 0.14.3
Polarssl Polarssl 1.1.0
Polarssl Polarssl 0.10.1
Polarssl Polarssl 0.12.0
Polarssl Polarssl 0.10.0
11 Github repositories
6.4
CVSSv2
CVE-2012-2836
The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) prior to 0.6.21 allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an i...
Libexif Project Libexif 0.6.14
Libexif Project Libexif 0.6.15
Libexif Project Libexif 0.6.16
Libexif Project Libexif 0.6.18
Libexif Project Libexif 0.6.19
Libexif Project Libexif
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »