CVE-2020-6360

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2020-6346

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

Oh, what a boot-iful mornin’

In mid-April, our threat monitoring systems detected malicious files being distributed under the name "on the new initiative of the World Bank in connection with the coronavirus pandemic" in Russian with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit. There is nothin...

The vulnerability of the CImg library arises from an operation that occurs outside the buffer in memory, allowing a malicious actor to cause a service failure.

The vulnerability of the CImg library arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure due to the loading of a specially created BMP image...

The vulnerability of the `load_bmp` function in the CImg library, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loadbmp function in the CImg library is related to a memory reclamation error. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information through the use of a specially created BMP image...

ImageMagick: infinite loop in the ReadBMPImage function of the coders/bmp.c

In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

Memory Corruption Vulnerability in MTI MH Ethernet Touch Screen Software

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in the MTI MH Ethernet touch screen software,...

CAD Smart Garden has a memory corruption vulnerability

CAD Smart Garden is a professional garden design software. CAD Smart Garden Tool has a memory corruption vulnerability when dealing with BMP images. An attacker can cause the program to crash by constructing a malformed BMP image. If successfully exploited, it can lead to a system denial of servi...

Denial Of Service (DoS)

OpenJDK is vulnerable to denial of service DoS. The attack exists because it does not perform glyph bitmap image dimension check in FreetypeFontScaler...

The vulnerability of the opj_t1_encode_cblks function in the OpenJPEG image encoding and decoding library for Oracle Solaris allows a attacker to cause a service failure.

The vulnerability of the opjt1encodecblks function in the OpenJPEG image encoding and decoding library for Oracle Solaris is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created BMP file...

CVE-2019-2281

An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675...

Code injection

An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675...

CVE-2019-2281

An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675...

CVE-2019-2281

CVE-2019-2281 describes an unauthenticated bitmap image loading vulnerability that can lead to execution of unverified code in Qualcomm Snapdragon platforms. The incident is triggered by loading a bitmap into memory, potentially enabling local code execution with high impact (confidentiality, int...

ImageMagick Resource Management Error Vulnerability (CNVD-2019-29431)

ImageMagick is a set of open source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. A memory disclosure vulnerability exists in the 'ReadBMPImage' function in the coders/bmp.c file in ImageMagick Studi...

ALPINE-CVE-2019-13133

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c...

CVE-2019-13133

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c...

Memory Corruption Vulnerability in BMP Image Processing by Little Curry Viewer

Little Curry Look is an image viewing program. A memory corruption vulnerability exists in Little Curry Viewer's handling of BMP images. An attacker can exploit this vulnerability to cause the program to crash...

Memory Corruption Vulnerability in Cloud Pulse License Plate Recognition Software

Xiamen Cloud Pulse Technology Co., Ltd. was established in June 2002, Cloud Pulse Technology mainly develops cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management technology. A...

DEBIAN-CVE-2018-18024

In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...