VYPR

Vendor CVEs

Entropymine

All CVEs

23 total · sorted by risk
  • CVE-2018-16782HigSep 10, 2018
    risk 0.57cvss 8.8epss 0.01

    libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.

  • CVE-2017-8326HigApr 29, 2017
    risk 0.57cvss 8.8epss 0.02

    libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image,…

  • CVE-2017-8325HigApr 29, 2017
    risk 0.57cvss 8.8epss 0.03

    The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image.

  • CVE-2017-9207MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.02

    The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.

  • CVE-2017-9206MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.02

    The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.

  • CVE-2017-9205MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.02

    The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.

  • CVE-2017-9204MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.02

    The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.

  • CVE-2017-9203MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.01

    imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c.

  • CVE-2017-9202MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.01

    imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

  • CVE-2017-9201MedMay 23, 2017
    risk 0.42cvss 6.5epss 0.01

    imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

  • CVE-2017-9094MedMay 19, 2017
    risk 0.42cvss 6.5epss 0.01

    The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image.

  • CVE-2017-9093MedMay 19, 2017
    risk 0.42cvss 6.5epss 0.01

    The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image.

  • CVE-2017-8327MedApr 29, 2017
    risk 0.42cvss 6.5epss 0.03

    The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.

  • CVE-2017-7962MedApr 19, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

  • CVE-2017-7940MedApr 18, 2017
    risk 0.36cvss 5.5epss 0.01

    The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

  • CVE-2017-7939MedApr 18, 2017
    risk 0.36cvss 5.5epss 0.01

    The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file.

  • CVE-2017-7624MedApr 10, 2017
    risk 0.36cvss 5.5epss 0.01

    The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

  • CVE-2017-7623MedApr 10, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

  • CVE-2017-7454MedApr 6, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

  • CVE-2017-7453MedApr 6, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

  • CVE-2017-7452MedApr 6, 2017
    risk 0.36cvss 5.5epss 0.01

    The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

  • CVE-2018-5252MedJan 5, 2018
    risk 0.35cvss 5.3epss 0.01

    libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c.

  • CVE-2017-12804May 9, 2019
    risk 0.00cvss epss 0.01

    The iwgif_init_screen function in imagew-gif.c:510 in ImageWorsener 1.3.2 allows remote attackers to cause a denial of service (hmemory exhaustion) via a crafted file.