Microsoft Windows win32kfull Bitmap Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

OSV-2023-165 Heap-buffer-overflow in array_container_to_uint32_array

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56893 Crash type: Heap-buffer-overflow WRITE 4 Crash state: arraycontainertouint32array ratouint32array roaringbitmapserialize...

SUSE CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

K76434343: gdk-pixbuf vulnerability CVE-2015-4491

Security Advisory Description Integer overflow in the makefiltertable function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary...

SUSE CVE-2004-0111

gdk-pixbuf before 0.20 allows attackers to cause a denial of service crash via a malformed bitmap BMP file...

SUSE CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817...

SUSE CVE-2004-0904

Integer overflow in the bitmap BMP decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows...

SUSE CVE-2004-1309

Heap-based buffer overflow in the demuxopenbmp function in demuxbmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap BMP file containing a large biClrUsed field...

SUSE CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmapunit value that leads to a buffer overflow...

SUSE CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

SUSE CVE-2007-0653

Integer overflow in X MultiMedia System xmms 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption...

SUSE CVE-2007-0654

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

SUSE CVE-2007-1001

Multiple integer overflows in the 1 createwbmp and 2 readwbmp functions in wbmp.c in the GD library libgd in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap WBMP images with large width or height values...

SUSE CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

SUSE CVE-2007-3568

The LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service infinite loop via a BMP image with a Bits Per Page BPP value of 0...

SUSE CVE-2007-4990

The swapchar2b function in X.Org X Font Server xfs before 1.0.5 allows context-dependent attackers to execute arbitrary code via 1 QueryXBitmaps and 2 QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap...

SUSE CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...

SUSE CVE-2008-0420

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a craft...