87 matches found
The vulnerability of the Image Processing Module in the BmpDecoderDxe framework used for creating UEFI patches in InsydeH2O allows a hacker to induce a system failure.
The vulnerability of the Image Processing Module in the InsydeH2O UEFI firmware development framework involves a buffer overflow when processing the PixelHeight and PixelWidth properties of images. Exploiting this vulnerability can allow an attacker to cause system failures...
CVE-2023-40238
A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...
SUSE CVE-2008-0420
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a craft...
SUSE CVE-2017-12601
OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...
The vulnerability of the `cv::BmpDecoder::readData` function in the `modules/imgcodecs/src/grfmt_bmp.cpp` file of the Computer Vision Library (OpenCV), a freely available computer vision and image processing library for general-purpose numerical algorithms, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the cv::BmpDecoder::readData function in the modules/imgcodecs/src/grfmtbmp.cpp file of the Computer Vision Library OpenSource Computer Vision Library – OpenCV involves copying buffers without checking the input data. Exploiting this vulnerability allows an attacker to gain...
Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2020-35399)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A buffer overflow vulnerability exists in the DecodeBmp function of the BMP decoder in the core/kernels/decodebmpop.cc file in Google TensorFlow versions prior to 1.7.0. An attacker can exploit...
CVE-2018-21233
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
CVE-2018-21233
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
Integer overflow
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
PYSEC-2020-304
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
PYSEC-2020-253
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
PYSEC-2020-304
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
PYSEC-2020-269
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
CVE-2018-21233
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
EulerOS 2.0 SP2 : qt (EulerOS-SA-2019-2381)
According to the versions of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service memory consumption via an XML Entity Expansion XEE...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. An integer overflow in the BMP decoder allows an attacker to crash the process or gain access to unintended regions of the process memory...
UBUNTU-CVE-2017-12601
OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...
DEBIAN-CVE-2017-12601
OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...
JasPer Null Pointer Backreference Vulnerability
JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. JasPer bmpdec.c:394:5 contains a null pointer back-reference vulnerability that can be exploited by an attacker to crash an application and deny service to a legitimate user...