2522 matches found

ATTACKERKB
added 2023/12/07 4:15 a.m., 3 views

CVE-2023-40238

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. Image parsing of crafted BMP logo files can copy data to a specific address duri...

5.5 CVSS, 5.8 AI score, 0.00181 EPSS
Exploits: 1, References: 6
CNNVD
added 2023/12/06 12:0 a.m., 1 views

AMI AptioV Code Issue Vulnerability

AMI AptioV is a firmware from AMI. A security vulnerability exists in AMI AptioV that stems from the possibility of unrestricted uploading of dangerous types of BMP logo files via local access, the successful exploitation of which may result in loss of confidentiality, integrity and availability...

7.8 CVSS, 7.5 AI score, 0.00012 EPSS
Exploits: 0, References: 3
OSV
added 2023/11/19 10:15 a.m., 2 views

UBUNTU-CVE-2023-5341

A heap use-after-free flaw was found in coders/bmp.c in ImageMagick...

6.2 CVSS, 6.7 AI score, 0.00033 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2023/11/14 3:46 p.m., 1 views

kernel: scsi: mpi3mr: Use number of bits to manage bitmap sizes

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

7.1 CVSS, 6.8 AI score, 0.00011 EPSS
Exploits: 0, References: 5
BDU FSTEC
added 2023/11/11 12:0 a.m., 1 views

The vulnerability in the get_token function of the pnm2png.c component from the PNG bitmap library allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the get_token function in the pnm2png.c component of the PNG bitmap handling library involves buffer overflow attacks. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

10 CVSS, 0.01831 EPSS
Exploits: 1, References: 9, Affected Software: 3
RedHat Linux
added 2023/11/07 9:3 a.m., 1 views

kernel: KVM: VMX: Fix crash due to uninitialized current_vmcs

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs_touch_msr_bitmap function uses...

5.6 AI score, 0.00029 EPSS
Exploits: 0, References: 5
AlmaLinux
added 2023/11/07 12:0 a.m., 37 views

Moderate: ghostscript security and bug fix update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: ghostscript: buffer overflow in base/sbcp.c leading to data corruption CVE-2023-28879...

9.8 CVSS, 7.9 AI score, 0.30764 EPSS
Exploits: 1, References: 6
SUSE CVE
added 2023/10/31 2:50 a.m., 2 views

SUSE CVE-2014-9330

Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read...

5 CVSS, 7.1 AI score, 0.01351 EPSS
Exploits: 0, References: 2
BDU FSTEC
added 2023/10/25 12:0 a.m., 1 views

The vulnerability of the `update_read_cache_bitmap_v3_order` function in the RDP client FreeRDP allows a hacker to trigger a service failure.

The vulnerability of the `update_read_cache_bitmap_v3_order` function in the RDP client FreeRDP is related to a memory reclamation error. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

2.2 CVSS, 0.00124 EPSS
Exploits: 1, References: 8, Affected Software: 4
OSV
added 2023/10/13 11:6 a.m., 4 views

OESA-2023-1733 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

6.2 CVSS, 6.8 AI score, 0.00033 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2023/10/09 12:0 a.m., 23 views

Foxit Reader < 9.1 Multiple Vulnerabilities

According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.1. It is, therefore, affected by multiple vulnerabilities: - In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP...

8.8 CVSS, 7.6 AI score, 0.33712 EPSS
Exploits: 21, References: 19
CNNVD
added 2023/10/02 12:0 a.m., 1 views

ImageMagick Resource Management Error Vulnerability

ImageMagick is a set of open-source image processing software from the American company ImageMagick. The software can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick, which stems from a post-release reuse vulnerability in coders/bmp.c. The...

6.2 CVSS, 6.9 AI score, 0.00033 EPSS
Exploits: 0, References: 8
SUSE CVE
added 2023/09/30 1:58 a.m., 1 views

SUSE CVE-2023-5175

During process shutdown, it was possible that an ImageBitmap was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox 118...

9.8 CVSS, 6.7 AI score, 0.00351 EPSS
Exploits: 0, References: 4
OSV
added 2023/08/22 7:16 p.m., 1 views

DEBIAN-CVE-2020-21427

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file...

7.8 CVSS, 7.8 AI score, 0.01242 EPSS
Exploits: 0, References: 1
OSV
added 2023/08/22 7:16 p.m., 1 views

UBUNTU-CVE-2020-21427

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file...

7.8 CVSS, 6 AI score, 0.01242 EPSS
Exploits: 0, References: 4
NVD
added 2023/08/11 2:15 p.m., 14 views

CVE-2021-28835

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file...

7.8 CVSS, 7.8 AI score, 0.00025 EPSS
Exploits: 0, References: 2
OSV
added 2023/08/11 2:15 p.m., 1 views

CVE-2021-28835

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file...

7.8 CVSS, 6.1 AI score
Exploits: 0, References: 2
Prion
added 2023/08/11 2:15 p.m., 19 views

Buffer overflow

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file...

4.4 CVSS, 7.8 AI score, 0.00025 EPSS
Exploits: 0, References: 2, Affected Software: 1
CNNVD
added 2023/08/11 12:0 a.m., 1 views

XnView Security Vulnerability

XnView is a suite of multi-platform image viewing software from the French individual developer Gougelet Pierre-emmanuel. The software can be used to view, convert, organize and edit graphics and video files. A security vulnerability exists in XNView prior to version 2.50, which stems from the...

7.8 CVSS, 7.9 AI score, 0.00025 EPSS
Exploits: 0, References: 3
Cvelist
added 2023/08/11 12:0 a.m., 13 views

CVE-2021-28835

Buffer Overflow vulnerability in XNView before 2.50, allows local attackers to execute arbitrary code via crafted GEM bitmap file...

7.8 CVSS, 8 AI score, 0.00025 EPSS
Exploits: 0, References: 2