2518 matches found

OSV
added 2021/06/25 12:8 a.m. · 15 views

GSD-2021-1000800 ice: track AF_XDP ZC enabled queues in bitmap

ice: track AF_XDP ZC enabled queues in bitmap. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commit...

7.2 AI score
Exploits: 0
Positive Technologies
added 2021/06/15 12:0 a.m. · 1 view

PT-2021-19397 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.4.55 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

7.8 CVSS · 7.8 AI score · 0.00477 EPSS
Exploits: 0 · References: 6
NVD
added 2021/06/09 5:15 a.m. · 11 views

CVE-2020-11134

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer...

10 CVSS · 0.0033 EPSS
Exploits: 0 · References: 1
BDU FSTEC
added 2021/05/19 12:0 a.m. · 0 views

The vulnerability of the tss_invalidate_io_bitmap function in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the tss_invalidate_io_bitmap function in the Linux operating system is related to incorrect default access rights settings. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8 CVSS · 0.0016 EPSS
Exploits: 0 · References: 5 · Affected Software: 4
RedHat Linux
added 2021/05/18 2:41 p.m. · 2 views

freerdp: out-of-bound read in update_read_cache_bitmap_v3_order

In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2...

6.5 CVSS · 5.8 AI score · 0.00281 EPSS
Exploits: 0 · References: 4
Fedora
added 2021/05/10 1:6 a.m. · 24 views

[SECURITY] Fedora 34 Update: autotrace-0.31.1-60.fc34

AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...

7.8 CVSS · 1.5 AI score · 0.00371 EPSS
Exploits: 0
OSV
added 2021/05/06 11:2 a.m. · 4 views

OESA-2021-1148 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

6.5 CVSS · 7 AI score · 0.00567 EPSS
Exploits: 11 · References: 13
Positive Technologies
added 2021/04/23 12:0 a.m. · 2 views

PT-2021-8034 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a data corruption bug in raid1 arrays using bitmaps. Without the fix, the bitmap bits for the failed I/O end up being cleared. The request either needs to be...

7.8 CVSS · 6.9 AI score · 0.00223 EPSS
Exploits: 8 · References: 1085
The Hacker News
added 2021/04/20 5:33 a.m. · 65 views

Lazarus APT Hackers are now using BMP images to hide RAT malware

A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information. Attributing the attack to the Lazarus Group...

0.1 AI score
Exploits: 0
Tenable Nessus
added 2021/04/07 12:0 a.m. · 63 views

SUSE SLES12 Security Update : xen (SUSE-SU-2021:1023-1)

This update for xen fixes the following issues : CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 bsc1181254, XSA-360 CVE-2021-28687: VUL-0: xen: HVM soft-reset crashes toolstack bsc1183072, XSA-368 CVE-2021-20257: VUL-0: xen: infinite loop issue in the e1000 NIC emulator bsc1182846...

6.5 CVSS · 6.3 AI score · 0.00089 EPSS
Exploits: 0 · References: 19
RedhatCVE
added 2021/03/31 10:3 a.m. · 21 views

CVE-2019-19004

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...

4.3 CVSS · 6.5 AI score · 0.00371 EPSS
Exploits: 0 · References: 3
RedhatCVE
added 2021/03/31 10:3 a.m. · 22 views

CVE-2019-19005

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

7.8 CVSS · 6.3 AI score · 0.00849 EPSS
Exploits: 0 · References: 3
NVD
added 2021/03/22 5:15 p.m. · 13 views

CVE-2021-27594

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

4.3 CVSS · 0.00154 EPSS
Exploits: 0 · References: 2
OSV
added 2021/03/22 5:15 p.m. · 3 views

CVE-2021-27594

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

3.3 CVSS · 5.8 AI score · 0.00154 EPSS
Exploits: 0 · References: 2
Prion
added 2021/03/22 5:15 p.m. · 9 views

Design/Logic Flaw

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

4.3 CVSS · 4.2 AI score · 0.00154 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2021/03/22 4:58 p.m. · 14 views

CVE-2021-27594

When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

4.3 CVSS · 4.3 AI score · 0.00154 EPSS
Exploits: 0 · References: 2
CNNVD
added 2021/03/22 12:0 a.m. · 1 view

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. A denial of service vulnerability exists in SAP 3D Visual Enterprise Viewer version 9. The vulnerability stems from improper input validation. An attacker could exploit the vulnerability by means of a specially crafted...

4.3 CVSS · 5.6 AI score · 0.00154 EPSS
Exploits: 0 · References: 3
Packet Storm
added 2021/03/18 12:0 a.m. · 346 views

FastStone Image Viewer 7.5 Buffer Overflow

Exploit title: FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER 'BitCount' Stack Based Buffer Overflow ASLR & DEP Bypass Exploit Author: Paolo Stagno Date: 15/03/2020 Vendor Homepage: https://www.faststone.org/ Download: https://www.faststonesoft.net/DN/FSViewerSetup75.exe...

0.5 AI score
Exploits: 0
The Hacker News
added 2021/03/03 12:56 p.m. · 0 views

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Tal...

6.2 AI score
Exploits: 0
The Hacker News
added 2021/03/03 12:56 p.m. · 34 views

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Tal...

7.8 AI score
Exploits: 0