Lucene search
K

2468 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.8 views

CVE-2021-33657

There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...

8.8CVSS7.1AI score0.01986EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.29 views

CVE-2021-31513

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.01811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:45 a.m.5 views

CVE-2025-15279

A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...

7.8CVSS7.7AI score0.00259EPSS
Exploits0References4
NVD
NVD
added 2025/12/31 7:15 a.m.4 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS0.00259EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 7:15 a.m.3 views

UBUNTU-CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.7AI score0.00259EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/31 6:59 a.m.27 views

CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS0.00259EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 6:59 a.m.1 views

CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.8AI score0.00259EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 6:59 a.m.38 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow (CVE-2025-15279) is a remote code execution vulnerability in FontForge. The flaw arises when parsing BMP pixel data and copying unvalidated user-supplied length to a heap buffer, allowing arbitrary code execution in the attacker’s conte...

7.8CVSS7.2AI score0.00259EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2025/12/31 6:59 a.m.3 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8.2AI score0.00259EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-15279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar...

7.8CVSS7.6AI score0.00259EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.6 views

openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...

9.8CVSS6.4AI score0.04065EPSS
Exploits6References18
Packet Storm
Packet Storm
added 2025/12/16 12:0 a.m.152 views

📄 HTMLDOC 1.9.13 Stack Buffer Overflow

Proof of concept exploit written in PHP for HTMLDOC version 1.9.13 that generates a malicious BMP file that will trigger a stack buffer overflow vulnerability...

7.8CVSS8AI score0.07349EPSS
Exploits4
OSV
OSV
added 2025/12/15 9:56 a.m.5 views

SUSE-SU-2025:21211-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

9.8CVSS5.9AI score0.04065EPSS
Exploits6References13
OSV
OSV
added 2025/12/15 9:55 a.m.4 views

OPENSUSE-SU-2025:20162-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

9.8CVSS5.9AI score0.04065EPSS
Exploits6References12
OSV
OSV
added 2025/12/03 2:53 p.m.5 views

CLSA-2025-1764773600 Fix CVE(s): CVE-2025-62171

SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171...

7.5CVSS5.9AI score0.00738EPSS
Exploits1References1
OSV
OSV
added 2025/11/28 10:9 a.m.6 views

CLSA-2025-1764324579 Fix CVE(s): CVE-2025-62171

SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems - CVE-2025-62171...

7.5CVSS5.9AI score0.00738EPSS
Exploits1References1
OSV
OSV
added 2025/11/28 10:5 a.m.5 views

CLSA-2025-1764324335 Fix CVE(s): CVE-2025-62171

SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171...

7.5CVSS5.9AI score0.00738EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.5 views

ImageMagick < 6.9.13-32 / 7.0 < 7.1.2-7 Integer Overflow (GGHSA-9pp9-cfwx-54rm)

The remote host has a version of ImageMagick installed that is prior to 6.9.13-32, 7.0 prior to 7.1.2-7. It is, therefore, affected by integer overflow vulnerability as referenced in GGHSA-9pp9-cfwx-54rm advisory. - ImageMagick is an open source software suite for displaying, converting, and...

8.8CVSS7.2AI score0.00794EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.6 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-7876-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7876-1 advisory. It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacke...

8.8CVSS7.7AI score0.00794EPSS
Exploits2References2
Veracode
Veracode
added 2025/11/18 9:24 p.m.8 views

Integer Overflow

ImageMagick is vulnerable to an integer overflow. The vulnerability is due to improper integer overflow handling in the BMP decoder when calculating image buffer sizes by multiplying image width with bits per pixel, which allows an attacker to exploit a specially crafted BMP file to cause integer...

7.5CVSS7.3AI score0.00738EPSS
Exploits1References6Affected Software7
Rows per page
Query Builder