44 matches found
CVE-2026-23530
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...
EUVD-2026-3311
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...
CVE-2026-23530
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...
CVE-2026-23530 FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,freerdpbitmapdecompressplanar does not validate nSrcWidth/nSrcHeight against planar-maxWidth/maxHeight before RLE decode. A malicious server can trigger a client‑side heap buffer overflow, causing a crash DoS...
Linux Distros Unpatched Vulnerability : CVE-2020-11538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than...
SUSE CVE-2018-8788
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution...
SUSE CVE-2020-11538
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...
The vulnerability in the libImaging/TgaRleDecode.c component of the Pillow image processing library allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the libImaging/TgaRleDecode.c component of the Pillow image processing library is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...
CVE-2022-30595
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...
PYSEC-2022-43145
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files...
GHSA-R7RM-8J6H-R933 Buffer Copy without Checking Size of Input in Pillow
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...
OESA-2021-1127 python-pillow security update
Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SG...
DEBIAN-CVE-2021-25293
An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c...
ALPINE-CVE-2021-25293
An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c...
PYSEC-2021-39
An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c...
PYSEC-2021-71
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...
DEBIAN-CVE-2020-11538
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...
PT-2020-12675 · Pillow +5 · Pillow +5
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.0.1 Description: The issue exists in the parsing of SGI image files, where a number of out-of-bounds reads are present in the libImaging/SgiRleDecode.c module. Recommendations: For versions prior to 7.0.1, update to...
DEBIAN-CVE-2020-5311
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...
UBUNTU-CVE-2020-5311
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...