CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2025/08/25 2:41 p.m.•1 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the image decoding process. An attacker can execute arbitrary code by supplying a specially crafted .pcx file and convincing the target to process it. Remediation Upgrade sail to version 0.9.10 or higher...

8.8CVSS7.5AI score0.00469EPSS

Snyk•added 2025/08/25 2:41 p.m.•1 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the BMPv3 image decoding functionality. An attacker can execute arbitrary code by supplying a specially crafted .bmp file that triggers an integer overflow during stride calculation, leading to a...

8.8CVSS7.9AI score0.00525EPSS

Snyk•added 2025/08/25 2:41 p.m.•3 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the PSD Image Decoding functionality. An attacker can execute arbitrary code by supplying a specially crafted .psd file that triggers an integer overflow during stride calculation, leading to a...

8.8CVSS7.9AI score0.00525EPSS

Snyk•added 2025/08/25 2:41 p.m.•1 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the PCX Image Decoding functionality. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted .tga file and convincing the target to process it. Remediation...

8.8CVSS7.5AI score0.00469EPSS

Snyk•added 2025/08/25 2:41 p.m.•3 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the BMPv3 RLE Decoding functionality. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted .bmp file that triggers a heap-based buffer overflow duri...

8.8CVSS7.8AI score0.00469EPSS

Snyk•added 2025/08/25 2:41 p.m.•2 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the WebP Image Decoding functionality. An attacker can execute arbitrary code by enticing a user to open a specially crafted .webp animation file, which triggers an integer overflow during stride...

8.8CVSS7.8AI score0.00483EPSS

Debian CVE•added 2025/08/25 2:17 p.m.•3 views

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

8.8CVSS6.5AI score0.00525EPSS

Exploits1

Vulnrichment•added 2025/08/25 2:17 p.m.•2 views

CVE-2025-46407

8.8CVSS7.7AI score0.00525EPSS

Cvelist•added 2025/08/25 2:17 p.m.•6 views

CVE-2025-46407

8.8CVSS0.00525EPSS

Cvelist•added 2025/08/25 2:17 p.m.•6 views

CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

8.8CVSS0.00525EPSS

Debian CVE•added 2025/08/25 2:17 p.m.•4 views

CVE-2025-32468

8.8CVSS6.4AI score0.00525EPSS

Exploits1

Vulnrichment•added 2025/08/25 2:17 p.m.•2 views

CVE-2025-32468

CVE•added 2025/08/25 2:17 p.m.•19 views

CVE-2025-32468

CVE-2025-32468 : A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp, an integer overflow occurs during stride calculation, leading to a heap-based buffer overflow during decoding and p...

Exploits1References2Affected Software1

Vulnrichment•added 2025/08/25 2:17 p.m.•1 views

CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS8.4AI score0.00469EPSS

Cvelist•added 2025/08/25 2:17 p.m.•5 views

CVE-2025-35984

8.8CVSS0.00469EPSS

CVE•added 2025/08/25 2:17 p.m.•19 views

CVE-2025-35984

An active CVE affecting the SAIL Image Decoding Library (PCX decoding). A memory corruption in the PCX image decoding functionality (SAIL Image Decoding Library v0.9.8) causes a heap-based buffer overflow when processing specially crafted PCX data, enabling remote code execution. The attack requi...

8.8CVSS8.4AI score0.00469EPSS

Exploits1References2Affected Software1

CVE•added 2025/08/25 2:17 p.m.•35 views

CVE-2025-53510

The CVE-2025-53510 entry concerns the SAIL Image Decoding Library (v0.9.8) PSD image decoding path. A memory corruption occurs when decoding a specially crafted PSD: an integer overflow in stride calculation triggers a heap-based buffer overflow, enabling remote code execution after the library r...

Exploits1References2Affected Software1

Vulnrichment•added 2025/08/25 2:17 p.m.•1 views

CVE-2025-53510

A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffe...