entropymine 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は バッファオーバーフロー and vendor risk memory corruption に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で アプリケーションクラッシュ and vendor impact memory corruption などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-43289 | Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c. | [email protected] | 7.8 | 0.05% | 2022-12-19 | 2025-04-17 |
| CVE-2021-28856 | In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize. | [email protected] | 5.5 | 0.17% | 2021-04-14 | 2026-01-26 |
| CVE-2021-28855 | In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c). | [email protected] | 5.5 | 0.17% | 2021-04-14 | 2026-01-26 |
| CVE-2017-12804 | The iwgif_init_screen function in imagew-gif.c:510 in ImageWorsener 1.3.2 allows remote attackers to cause a denial of service (hmemory exhaustion) via a crafted file. | [email protected] | 6.5 | 0.42% | 2019-05-09 | 2024-11-21 |
| CVE-2018-16782 | libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c. | [email protected] | 8.8 | 0.42% | 2018-09-10 | 2024-11-21 |
| CVE-2018-5252 | libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c. | [email protected] | 5.3 | 0.24% | 2018-01-05 | 2024-11-21 |
| CVE-2017-9207 | The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | [email protected] | 6.5 | 0.38% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9206 | The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9205 | The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9204 | The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9203 | imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9202 | imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9201 | imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | [email protected] | 6.5 | 0.40% | 2017-05-23 | 2026-05-13 |
| CVE-2017-9094 | The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | [email protected] | 6.5 | 0.35% | 2017-05-19 | 2026-05-13 |
| CVE-2017-9093 | The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | [email protected] | 6.5 | 0.35% | 2017-05-19 | 2026-05-13 |
| CVE-2017-8327 | The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image. | [email protected] | 6.5 | 0.47% | 2017-04-29 | 2026-05-13 |
| CVE-2017-8326 | libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c. | [email protected] | 8.8 | 0.89% | 2017-04-29 | 2026-05-13 |
| CVE-2017-8325 | The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image. | [email protected] | 8.8 | 0.97% | 2017-04-29 | 2026-05-13 |
| CVE-2017-7962 | The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | [email protected] | 5.5 | 0.50% | 2017-04-19 | 2026-05-13 |
| CVE-2017-7940 | The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | [email protected] | 5.5 | 0.20% | 2017-04-18 | 2026-05-13 |