xiaoxiaoafeifei

5 exploits Active since Sep 2016
CVE-2015-8871 WRITEUP CRITICAL WRITEUP
Debian Linux < 2.1.0 - Use After Free
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.
CVSS 9.8
CVE-2023-2908 WRITEUP MEDIUM WRITEUP
libtiff < 4.5.0 - Denial of Service via Crafted TIFF Image in tiffcp
A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service.
CVSS 5.5
CVE-2022-32545 WRITEUP HIGH WRITEUP
ImageMagick < 6.9.12-43 - Integer Overflow in PSD Coder
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8
CVE-2022-32546 WRITEUP HIGH WRITEUP
ImageMagick < 6.9.12-44 - Integer Overflow in PCL Coder
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8
CVE-2022-32547 WRITEUP HIGH WRITEUP
ImageMagick < 6.9.12-45 - Denial of Service via Misaligned Address Load in Property Handling
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
CVSS 7.8