SUSE CVE-2019-9543

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...

SUSE CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

SUSE CVE-2019-13133

ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c...

SUSE CVE-2019-14288

An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "one byte per line" case...

SUSE CVE-2019-14289

An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case...

SUSE CVE-2019-15143

In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by a GBitmap::readrleraw infinite loop by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...

SUSE CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

SUSE CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

SUSE CVE-2019-19004

A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

SUSE CVE-2019-19582

An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves functions which...

SUSE CVE-2019-19581

An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service out-of-bounds access because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state. Iteration over all bits involves...

SUSE CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing...

SUSE CVE-2020-11044

In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0...

SUSE CVE-2020-11096

In FreeRDP before version 2.1.2, there is a global OOB read in updatereadcachebitmapv3order. As a workaround, one can disable bitmap cache with -bitmap-cache default. This is fixed in version 2.1.2...

SUSE CVE-2020-11525

libfreerdp/cache/bitmap.c in FreeRDP versions 1.0 through 2.0.0-rc4 has an Out of bounds read...

SUSE CVE-2020-14409

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

SUSE CVE-2020-14410

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

SUSE CVE-2021-4090

An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...

SUSE CVE-2021-33657

There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...

SUSE CVE-2021-39257

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...