CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47992
https://notcve.org/view.php?id=CVE-2023-47992
An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. Una vulnerabilidad de desbordamiento de enteros en FreeImageIO.cpp::_MemoryReadProc en FreeImage 3.18.0 permite a los atacantes obtener información confidencial, provocar ataques de denegación de servicio y/o ejecutar código arbitrario. • https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47992 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21427
https://notcve.org/view.php?id=CVE-2020-21427
Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. Vulnerabilidad de Desbordamiento de Búfer en la función LoadPixelDataRLE8 en PluginBMP.cpp en FreeImage 3.18.0 permite a atacantes remotos ejecutar código arbitrario y causar otros impactos a través de un archivo de imagen manipulado. • https://lists.debian.org/debian-lts-announce/2023/11/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RUEK2JOVJBQZVNQIIZZO3JFMTVB4R5KS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGOMCRAANNCQYJYPPMGRQWKRZGIP6NME https://sourceforge.net/p/freeimage/bugs/298 https://www.debian.org/security/2023/dsa-5579 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21426
https://notcve.org/view.php?id=CVE-2020-21426
Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. Vulnerabilidad de Desbordamiento de Búfer en la función C_IStream::read en PluginEXR.cpp en FreeImage 3.18.0 permite a atacantes remotos ejecutar código arbitrario y causar otros impactos a través de un archivo de imagen manipulado. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RUEK2JOVJBQZVNQIIZZO3JFMTVB4R5KS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGOMCRAANNCQYJYPPMGRQWKRZGIP6NME https://sourceforge.net/p/freeimage/bugs/300 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-21428
https://notcve.org/view.php?id=CVE-2020-21428
Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. Vulnerabilidad de Desbordamiento de Búfer en la función LoadRGB en PluginDDS.cpp en FreeImage 3.18.0 permite a atacantes remotos ejecutar código arbitrario y causar otros impactos a través de un archivo de imagen manipulado. • https://lists.debian.org/debian-lts-announce/2023/11/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RUEK2JOVJBQZVNQIIZZO3JFMTVB4R5KS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGOMCRAANNCQYJYPPMGRQWKRZGIP6NME https://sourceforge.net/p/freeimage/bugs/299 https://www.debian.org/security/2023/dsa-5579 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33367
https://notcve.org/view.php?id=CVE-2021-33367
Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXWMZOYJKXWOEEUV7ZKW4BX772F5P2HL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEG5FTVLVSO26TEEYKORM42WZ4LEHIJB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXJ4QSLSK4HLH5ZDMDC42F7XLWLFADRD https://sourceforge.net/p/freeimage/discussion/36109/thread/1a4db03d58 • CWE-125: Out-of-bounds Read •