Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-07
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Max CVSS
7.8
EPSS Score
0.10%
Published
2019-11-04
Updated
2019-11-06
Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-11-04
Updated
2019-11-05
A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07.
Max CVSS
8.8
EPSS Score
0.76%
Published
2019-12-03
Updated
2020-02-03
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
Max CVSS
7.8
EPSS Score
0.55%
Published
2017-04-12
Updated
2018-10-30
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
Max CVSS
7.8
EPSS Score
0.38%
Published
2017-04-12
Updated
2018-10-30
Stack-based buffer overflow in game-music-emu before 0.6.1.
Max CVSS
7.8
EPSS Score
0.14%
Published
2017-04-12
Updated
2018-10-30
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Max CVSS
9.8
EPSS Score
1.38%
Published
2017-05-23
Updated
2022-08-16
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
Max CVSS
8.8
EPSS Score
1.35%
Published
2017-05-23
Updated
2022-08-16
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Max CVSS
9.8
EPSS Score
1.16%
Published
2017-05-23
Updated
2022-08-16
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
Max CVSS
8.8
EPSS Score
1.35%
Published
2017-05-23
Updated
2022-08-16
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.
Max CVSS
7.8
EPSS Score
1.78%
Published
2017-01-27
Updated
2019-12-31
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
Max CVSS
7.5
EPSS Score
1.39%
Published
2017-01-27
Updated
2018-10-30
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.
Max CVSS
9.8
EPSS Score
0.80%
Published
2016-12-12
Updated
2022-06-01
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
Max CVSS
8.8
EPSS Score
0.56%
Published
2017-02-15
Updated
2021-04-28
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Max CVSS
7.8
EPSS Score
0.65%
Published
2017-02-15
Updated
2018-10-30
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Max CVSS
7.8
EPSS Score
0.59%
Published
2017-02-15
Updated
2018-10-30
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Max CVSS
7.8
EPSS Score
0.76%
Published
2017-02-15
Updated
2018-10-30
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
Max CVSS
7.5
EPSS Score
1.17%
Published
2017-02-15
Updated
2018-10-30
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
Max CVSS
8.8
EPSS Score
0.44%
Published
2017-02-15
Updated
2021-04-20
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
Max CVSS
7.5
EPSS Score
1.80%
Published
2017-03-03
Updated
2018-10-30
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
Max CVSS
7.5
EPSS Score
1.48%
Published
2017-03-03
Updated
2020-10-14
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
3.32%
Published
2017-02-06
Updated
2019-04-12
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
Max CVSS
7.5
EPSS Score
1.55%
Published
2017-02-06
Updated
2019-04-12
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
Max CVSS
7.8
EPSS Score
2.29%
Published
2017-02-06
Updated
2019-04-12
668 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!