2481 matches found
Use of NullPointerException Catch to Detect NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to Use of NullPointerException Catch to Detect NULL Pointer Dereference in the MultimodalTokenize function that improperly processes NULL from mtmdhelperbitmapinitfrombuf function of vendored llama.cpp. An attacker can cause the applicatio...
CVE-2019-2281
An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675...
CVE-2019-2251
If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
CVE-2025-40764
A vulnerability has been identified in Simcenter Femap V2406 All versions V2406.0003, Simcenter Femap V2412 All versions V2412.0002. The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in th...
SUSE CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000505)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000505 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a dat...
Oracle Linux 8 : poppler (ELSA-2026-0130)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0130 advisory. 20.11.0-13 - Check bitmap in combine - Resolves: RHEL-131786 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000492)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000492 advisory. A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security...
poppler security update
20.11.0-13 - Check bitmap in combine - Resolves: RHEL-131786...
Oracle Linux 10 : poppler (ELSA-2026-0128)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0128 advisory. 24.02.0-7 - Check bitmap in combine - Resolves: RHEL-131783, RHEL-131782 Tenable has extracted the preceding description block directly from the Oracle Linux...
poppler security update
21.01.0-23 - Bump release for build inheritance - Resolves: RHEL-131792 21.01.0-22 - Check bitmap in combine - Resolves: RHEL-131795, RHEL-131792...
PT-2026-25335
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is an implementation of the Remote Desktop Protocol. The gdi surface bits function handles SURFACE BITS COMMAND messages from the RDP server. When using NSCodec, the bmp.width and bmp.height...
PT-2026-3455
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. The freerdp bitmap decompress planar function does not properly validate the nSrcWidth and nSrcHeight parameters against...
PT-2026-3467
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw where offscreen bitmap deletion results in the gdi-drawing pointer referencing freed memory. This creates a...
PT-2026-25334
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. An integer underflow exists in the update read cache bitmap order function within FreeRDP's Core Library. Recommendations Update to...
PT-2026-25341
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the freerdp bitmap decompress planar function where an out-of-bounds read can occur when the SrcSize is 0. The...
PT-2026-24132
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 Description ImageMagick is software used for editing and manipulating digital images. An integer overflow in the DIB coder can lead to out-of-bounds read or write...
PT-2026-25333
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A client-side heap out-of-bounds read/write issue exists in FreeRDP's bitmap cache subsystem. This is due to an incorrect boundary...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15279
FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...