29 matches found
CVE-2026-4151
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a specially crafted ANI Animated Cursor file or visiting a malicious web page. This issue stems from an integer overflow during the parsing of ANI files, caused by insufficient validation of...
CVE-2026-4151
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...
EUVD-2022-44425
Malicious code in bioql PyPI...
CVE-2021-26233
FastStone Image Viewer = 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code executio...
CVE-2021-26234
FastStone Image Viewer = 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code execution...
CVE-2021-26236
FastStone Image Viewer v.= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality BITMAPINFOHEADER Structure, 'BitCount' file format field, that will end up corrupting the Structure Exception Handler SEH. Attackers could exploit this issue to...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart...
CVE-2022-41184
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow...
CVE-2022-41184
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart...
Code injection
Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart...
Stack overflow
Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow...
CVE-2022-41183
Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File .cur, ico.x3d file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart...
PT-2022-25706 · Sap · Sap 3D Visual Enterprise Author
Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Author version 9 Description: The issue arises due to improper memory management when a user opens a manipulated Windows Cursor File .cur, .ico.x3d from untrusted sources. This can cause the application to crash,...
PT-2022-25707 · Sap · Sap 3D Visual Enterprise Author
Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Author version 9 Description: The issue arises due to improper memory management. When a manipulated Windows Cursor File .cur, ico.x3d from untrusted sources is opened in the affected software, it can trigger Remote...
CVE-2022-41183
SAP 3D Visual Enterprise Author (v9) contains a vulnerability in the CUR file parsing code leading to memory corruption. The ZDI advisory describes an out-of-bounds read in CUR parsing that can be triggered by opening a malicious CUR file, enabling remote code execution in the context of the affe...
CVE-2022-41184
CVE-2022-41184 affects SAP 3D Visual Enterprise Author v9, where parsing manipulated Windows Cursor Files (.cur, ico.x3d) can trigger a stack-based overflow or use-after-free of a dangling pointer, enabling Remote Code Execution after user opens the crafted file. Exploitation requires user intera...
CVE-2021-26237
FastStone Image Viewer = 7.5 is affected by a user mode write access violation at 0x00402d7d, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code execution...
CVE-2021-26234
FastStone Image Viewer = 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service DoS or possibly to achieve code execution...
CVE-2021-26236
FastStone Image Viewer v.= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality BITMAPINFOHEADER Structure, 'BitCount' file format field, that will end up corrupting the Structure Exception Handler SEH. Attackers could exploit this issue to...