Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
image processing project image processing - vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2005-0406
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.
Image Processing Project Image Processing -
4.3
CVSSv2
CVE-2020-21573
An issue was discoverered in in abhijitnathwani image-processing v0.1.0, allows local malicious users to cause a denial of service via a crafted image file.
Image-processing Project Image-processing 0.1.0
5
CVSSv2
CVE-2021-38623
The deferred_image_processing (aka Deferred image processing) extension prior to 1.0.2 for TYPO3 allows Denial of Service via the FAL API because of /var/transient disk consumption.
Deferred Image Processing Project Deferred Image Processing
10
CVSSv2
CVE-2022-24720
image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the malicious user to execute sh...
Image Processing Project Image Processing
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2007-6697
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image prior to 1.2.7 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these det...
Sdl Sdl Image
1 EDB exploit
10
CVSSv2
CVE-2008-0544
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image prior to 1.2.7 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtain...
Sdl Sdl Image 1.2.6
9.3
CVSSv2
CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote malicious users to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length ...
Microsoft .net Framework 1.0
Microsoft Frontpage 2003
Microsoft Greetings 2002
Microsoft Picture It 2002
Microsoft Picture It 7.0
Microsoft Publisher 2003
Microsoft Visio 2002
Microsoft Visual C\\+\\+ 2003
Microsoft Visual J\\# .net 2003
Microsoft Excel 2003
Microsoft Frontpage 2002
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Project 2002
Microsoft Project 2003
Microsoft Publisher 2002
Microsoft Visual C\\# 2003
Microsoft Visual C\\+\\+ 2002
Microsoft Digital Image Suite 9
Microsoft Excel 2002
Microsoft Office Xp
Microsoft Onenote 2003
6 EDB exploits
6.8
CVSSv2
CVE-2009-3895
Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are...
Libexif Project Libexif 0.6.18
9.3
CVSSv2
CVE-2016-3981
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG prior to 0.7.6 allows remote malicious users to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
Optipng Project Optipng
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
4.3
CVSSv2
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG prior to 0.7.6, allows remote malicious users to cause a denial of service (uninitialized memory read) via a crafted GIF file.
Optipng Project Optipng 0.7.5
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »