2680 matches found

Snyk
added 2025/08/25 2:41 p.m. | 2 views

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the image decoding process. An attacker can execute arbitrary code by supplying a specially crafted .pcx file and convincing the target to process it. Remediation: Upgrade sail to version 0.9.10 or higher...

CVSS 8.8 | AI score 7.5 | EPSS 0.0094
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/24 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-5052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulti...

CVSS 8.8 | AI score 8.4 | EPSS 0.04515
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/24 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-2899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif'...

CVSS 8.8 | AI score 8.4 | EPSS 0.01824
Exploits: 1 | References: 2

RedhatCVE
added 2025/08/21 3:38 p.m. | 4 views

CVE-2025-9145

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

CVSS 5.4 | AI score 6.6 | EPSS 0.00256
Exploits: 1 | References: 1

Tenable Nessus
added 2025/08/20 12:0 a.m. | 5 views

macOS 13.x < 13.7.8 (124929)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.8. It is, therefore, affected by a vulnerability: - Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticat...

CVSS 10 | AI score 6 | EPSS 0.19972
Exploits: 9 | References: 2

Tenable Nessus
added 2025/08/20 12:0 a.m. | 4 views

macOS 14.x < 14.7.8 (124928)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.7.8. It is, therefore, affected by a vulnerability: - Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticat...

CVSS 10 | AI score 6 | EPSS 0.19972
Exploits: 9 | References: 2

RedhatCVE
added 2025/08/19 10:38 p.m. | 3 views

CVE-2025-9165

A memory leak flaw was found in LibTIFF. This vulnerability affects the TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 function in the file tools/tiffcmp.c of the tiffcmp component. Executing manipulation can lead to a memory leak. The attack is restricted to local execution...

CVSS 4.8 | AI score 3.6 | EPSS 0.00196
Exploits: 1 | References: 12

Tenable Nessus
added 2025/08/18 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-41988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted...

CVSS 7.5 | AI score 6.8 | EPSS 0.01169
Exploits: 1 | References: 2

RedhatCVE
added 2025/08/15 9:29 p.m. | 14 views

CVE-2012-10057

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...

CVSS 8.4 | AI score 8.4 | EPSS 0.00398
Exploits: 0 | References: 1

OSV
added 2025/08/15 12:40 p.m. | 3 views

OESA-2025-2051 libtiff security update

This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. It also contains command-line programs for manipulating TIFF format image files using the libtiff...

CVSS 2.5 | AI score 7 | EPSS 0.00174
Exploits: 1 | References: 2

OSV
added 2025/08/15 12:40 p.m. | 3 views

OESA-2025-2050 libtiff security update

This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. It also contains command-line programs for manipulating TIFF format image files using the libtiff...

CVSS 2.5 | AI score 7 | EPSS 0.00174
Exploits: 1 | References: 2

Fedora
added 2025/08/15 1:4 a.m. | 4 views

[SECURITY] Fedora 42 Update: libtiff-4.7.0-7.fc42

The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...

CVSS 2.5 | AI score 7.2 | EPSS 0.00179
Exploits: 2

CNNVD
added 2025/08/13 12:0 a.m. | 2 views

Lattice Semiconductor ispVM System Security Vulnerability

Lattice Semiconductor ispVM System is a programming and debugging software toolset from Lattice Semiconductor, USA. A security vulnerability exists in Lattice Semiconductor ispVM System version 18.0.2, which originates from a buffer overflow when processing .xcf files and could lead to the...

CVSS 8.4 | AI score 7.3 | EPSS 0.00398
Exploits: 0 | References: 6

Tenable Nessus
added 2025/08/08 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-13845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The...

CVSS 7.5 | AI score 7.1 | EPSS 0.00517
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/07 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2022-25275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative...

CVSS 7.5 | AI score 7.1 | EPSS 0.00667
Exploits: 0 | References: 2

CNNVD
added 2025/08/06 12:0 a.m. | 3 views

Autodesk 3ds Max Security Vulnerability

Autodesk 3ds Max is a full-featured, three-dimensional computer graphics software from the American company Autodesk. A security vulnerability exists in Autodesk 3ds Max that stems from a specially crafted TGA file that could lead to memory corruption...

CVSS 7.8 | AI score 6.6 | EPSS 0.00186
Exploits: 0 | References: 4

OSV
added 2025/07/29 1:38 p.m. | 5 views

RLSA-2025:4658 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (CVE-2017-17095). For more details about the security issues, including the impact, a CVSS...

CVSS 7.5 | AI score 7.7 | EPSS 0.10639
Exploits: 1 | References: 2

Snyk
added 2025/07/26 4:2 a.m. | 5 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow in the setrow function. An attacker can cause application instability and potentially execute arbitrary code by supplying a specially crafted image file that triggers improper bounds checking during row data assignment...

CVSS 7.8 | AI score 6 | EPSS 0.0026
Exploits: 1 | References: 2

CNNVD
added 2025/07/26 12:0 a.m. | 1 view

LibTIFF Security Vulnerability

LibTIFF is an open source library for reading and writing TIFF (Tagged Image File Format) files. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTIFF version 4.7.0 and earlier, which stems from a buffer overflow in the function...

CVSS 7.8 | AI score 5.7 | EPSS 0.0026
Exploits: 1 | References: 8

Amazon
added 2025/07/22 12:0 a.m. | 5 views

Medium: gimp

Issue Overview: GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. CVE-2022-30067 Affected Packages: gimp Note: This advisory is applicable to Amazon Linu...

CVSS 5.5 | AI score 7 | EPSS 0.00715
Exploits: 1