|
611
|
7.8
6.8
|
HIGH
Local
|
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threa…
|
-
|
CVE-2020-35524
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:27
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
612
|
7.8
6.8
|
HIGH
Local
|
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The high…
|
-
|
CVE-2020-35523
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:27
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
613
|
5.5
4.3
|
MEDIUM
Local
|
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
|
-
|
CVE-2020-35522
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:27
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
614
|
5.5
4.3
|
MEDIUM
Local
|
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
|
-
|
CVE-2020-35521
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:27
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
615
|
5.5
7.1
|
MEDIUM
Local
|
A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero…
|
-
|
CVE-2021-20246
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:46
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
616
|
5.5
7.1
|
MEDIUM
Local
|
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The hi…
|
-
|
CVE-2021-20245
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:46
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
617
|
5.5
7.1
|
MEDIUM
Local
|
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division b…
|
-
|
CVE-2021-20244
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:46
2021-03-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
618
|
7.8
6.8
|
HIGH
Local
|
In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a c…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-3404
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:21
2021-03-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
619
|
7.8
6.8
|
HIGH
Local
|
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a …
|
CWE-415
Double Free
|
CVE-2021-3403
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 15:21
2021-03-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
620
|
4.4
4.9
|
MEDIUM
Local
|
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This fl…
|
-
|
CVE-2020-25639
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:18
2021-03-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|