2481 matches found
CVE-2023-7309 Dahua Smart Park Integrated Management Platform Front-End Arbitrary File Upload
A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform also referred to as the Dahua Smart Campus Integrated Management Platform, affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary files ...
Linux Distros Unpatched Vulnerability : CVE-2018-7641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability tha...
Linux Distros Unpatched Vulnerability : CVE-2021-39519
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData located in...
Linux Distros Unpatched Vulnerability : CVE-2018-5727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability ...
Linux Distros Unpatched Vulnerability : CVE-2021-39520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PushReconstructedData located in...
Linux Distros Unpatched Vulnerability : CVE-2019-19582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled...
Linux Distros Unpatched Vulnerability : CVE-2019-13568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CImg through 2.6.7 has a heap-based buffer overflow in loadbmp in CImg.h because of erroneous memory allocation for a malformed BMP image. CVE-2019-13568 Note...
CVE-2025-57803
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
DEBIAN-CVE-2025-57803
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
CVE-2025-57803 ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
CVE-2025-57803
ImageMagick is affected by CVE-2025-57803 on 32-bit builds via the BMP decoder (ReadBMP). In coders/bmp.c, the vulnerability arises when computing extent = image->columns × bits_per_pixel, which overflows a 32-bit size_t and collapses bytes_per_line to a small value, causing the per-row writer...
CVE-2025-57803 ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
CVE-2025-57803 ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
CVE-2025-57803
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
Summary A 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the overflowed stride, so the first row immediately writes...
Linux Distros Unpatched Vulnerability : CVE-2023-5341
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. CVE-2023-5341 Note that Nessus relies on the presence of the package as reported by the...
DEBIAN-CVE-2025-52930
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-52930
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-46407
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...
DEBIAN-CVE-2025-46407
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...