CVE-2023-53357

CVE-2023-53357 affects the Linux kernel md/raid10 code. The slab-out-of-bounds occurs in md_bitmap_get_counter when a large value is written to md/bitmap_set_bits, causing -EINVAL if page >= bitmap->pages and the result isn’t checked promptly. The fix moves the page-boundary check into md_b...

CVE-2023-53357 md/raid10: check slab-out-of-bounds in md_bitmap_get_counter

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because 'page = bitmap-pages', but the return value was not checked immediately in...

PT-2025-44095

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc6-dirty Description The Linux kernel contains a flaw in the binder subsystem related to bitmap handling. A process attempting to expand its proc-dmap may experience a double-free error when a bitmap...

CLSA-2025-1757666692 libtiff: Fix of CVE-2017-9117

CVE-2017-9117: add checks for all BMP reading operations to avoid buffer overflow...

ROS-20250905-09

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

DEBIAN-CVE-2025-38692

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. 1 Condition for exfatcountdirentries to loop infinitely. - The cluster chain includes a loop....

CVE-2025-38692

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. 1 Condition for exfatcountdirentries to loop infinitely. - The cluster chain includes a loop....

UBUNTU-CVE-2025-38692

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir An infinite loop may occur if the following conditions occur due to file system corruption. 1 Condition for exfatcountdirentries to loop infinitely. - The cluster chain includes a loop....

wifi: cfg80211: clear link ID from bitmap during link delete after clean up

...

CVE-2025-26416

The CVE-2025-26416 issue affects SkBmpStandardCodec.cpp in the initializeSwizzler path, described as a heap buffer overflow that causes an out-of-bounds write. The practical result is remote elevation of privilege with no additional execution privileges required and without user interaction. Publ...

Linux Distros Unpatched Vulnerability : CVE-2025-52930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data fr...

Linux Distros Unpatched Vulnerability : CVE-2025-46407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted...

Linux Distros Unpatched Vulnerability : CVE-2025-57803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit...

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

Linux Distros Unpatched Vulnerability : CVE-2018-7640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability tha...

Linux Distros Unpatched Vulnerability : CVE-2018-7639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability tha...

CVE-2023-7309

A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform also referred to as the Dahua Smart Campus Integrated Management Platform, affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary files ...

CVE-2023-7309

CVE-2023-7309 details (Dahua Smart Park / Smart Campus Integrated Management Platform): A path-traversal vulnerability exists in the SOAP-based GIS bitmap upload interface that allows unauthenticated remote attackers to upload arbitrary files to the server, including executable JSP payloads. Succ...