2468 matches found
CVE-2021-33657
There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...
CVE-2021-31513
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2025-15279
A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
UBUNTU-CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow (CVE-2025-15279) is a remote code execution vulnerability in FontForge. The flaw arises when parsing BMP pixel data and copying unvalidated user-supplied length to a heap buffer, allowing arbitrary code execution in the attacker’s conte...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
Linux Distros Unpatched Vulnerability : CVE-2025-15279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar...
openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...
📄 HTMLDOC 1.9.13 Stack Buffer Overflow
Proof of concept exploit written in PHP for HTMLDOC version 1.9.13 that generates a malicious BMP file that will trigger a stack buffer overflow vulnerability...
SUSE-SU-2025:21211-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...
OPENSUSE-SU-2025:20162-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...
CLSA-2025-1764773600 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171...
CLSA-2025-1764324579 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems - CVE-2025-62171...
CLSA-2025-1764324335 Fix CVE(s): CVE-2025-62171
SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to fix issue on 32-bit systems - CVE-2025-62171...
ImageMagick < 6.9.13-32 / 7.0 < 7.1.2-7 Integer Overflow (GGHSA-9pp9-cfwx-54rm)
The remote host has a version of ImageMagick installed that is prior to 6.9.13-32, 7.0 prior to 7.1.2-7. It is, therefore, affected by integer overflow vulnerability as referenced in GGHSA-9pp9-cfwx-54rm advisory. - ImageMagick is an open source software suite for displaying, converting, and...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-7876-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7876-1 advisory. It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacke...
Integer Overflow
ImageMagick is vulnerable to an integer overflow. The vulnerability is due to improper integer overflow handling in the BMP decoder when calculating image buffer sizes by multiplying image width with bits per pixel, which allows an attacker to exploit a specially crafted BMP file to cause integer...