| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. |
| Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure. |
| When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h. |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine. |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution. |
| Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files. |
| The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data. |
| RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system. |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print(). |
| The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print(). |
| An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c. |
| ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. |
| RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses. |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. |
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. |
| An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 |
| The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file. |
| MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file. |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions. |