JLSEC-2025-103 A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU vi...

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

JLSEC-2025-102 In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU v...

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

JLSEC-2025-138 FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.

FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder...

JLSEC-2025-104 The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4...

The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via crafted MPEG-4 video data...

SUSE CVE-2025-62171

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

CVE-2025-62171

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

UBUNTU-CVE-2025-62171

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

CVE-2025-62171

ImageMagick exposes an integer overflow in the BMP ReadBMP path on 32-bit builds (size_t = 4) when processing BMPs with carefully chosen dimensions. The root cause is an overflow in extent = image->columns * bmp_info.bits_per_pixel, with the overflow check BMPOverflowCheck() being applied afte...

CVE-2025-62171 ImageMagick vulnerable to denial of service via integer overflow in BMP decoder on 32-bit systems

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

PT-2025-42625

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-7 and 6.9.13-32 Description ImageMagick is a software suite for displaying, converting, and editing raster image files. An integer overflow exists in the BMP decoder on 32-bit systems in versions prior to...

ImageMagick 输入验证错误漏洞

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. An input validation error vulnerability exists in ImageMagick versions prior to 7.1.2-7 and prior to 6.9.13-32, which stems from an integer overflow...

CVE-2025-20360

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are...

EUVD-2025-34665

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer...

CVE-2025-20360 Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of the HTTP header are...

CVE-2025-20360

CVE-2025-20360 affects multiple Cisco products via the Snort 3 HTTP Decoder. The root cause is incomplete error checking when parsing MIME fields in HTTP headers, leading to a DoS where the Snort 3 Detection Engine restarts after processing crafted HTTP packets. Exploitation requires an unauthent...

CVE-2025-20359 Multiple Cisco Products Snort 3 MIME Information Disclosure or Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer...

CVE-2025-20359

CVE-2025-20359 affects multiple Cisco products via the Snort 3 HTTP Decoder/MIME handling. The root cause is a buffer under-read caused by flawed parsing of HTTP header MIME fields, which can be triggered by crafted HTTP packets processed by Snort 3. Potential outcomes verified in the sources inc...

CVE-2025-20359 Multiple Cisco Products Snort 3 MIME Information Disclosure or Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the disclosure of possible sensitive data or cause the Snort 3 Detection Engine to crash. This vulnerability is due to an error in the logic of buffer...

Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions MIME Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possible sensitive information or to restart. For more information about these...

Multiple Cisco Products Snort 3 MIME DoS Vulnerabilities (cisco-sa-snort3-mime-vulns-tTL8PgVH_CVE-2025-20360)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerabilit...