Lucene search
K

223 matches found

NVD
NVD
added 2025/08/25 3:15 p.m.6 views

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS0.00691EPSS
Exploits1References2
NVD
NVD
added 2025/08/25 3:15 p.m.5 views

CVE-2025-53085

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS0.00691EPSS
Exploits1References2
OSV
OSV
added 2025/08/25 3:15 p.m.5 views

UBUNTU-CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS6.3AI score0.00691EPSS
Exploits1References3
Snyk
Snyk
added 2025/08/25 2:41 p.m.2 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the PSD RLE Decoding functionality. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted .psd file that triggers a heap-based buffer overflow during...

8.8CVSS7.8AI score0.00691EPSS
Exploits1References2
CVE
CVE
added 2025/08/25 2:17 p.m.34 views

CVE-2025-53085

CVE-2025-53085 impacts the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8 . The vulnerability is described as a memory corruption causing a heap-based buffer overflow when decompressing image data from a specially crafted PSD file, enabling remote code execution. Exploit...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/25 2:17 p.m.2 views

CVE-2025-53085

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References1
OSV
OSV
added 2025/08/25 2:17 p.m.5 views

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References4
CVE
CVE
added 2025/08/25 2:17 p.m.29 views

CVE-2025-52930

CVE-2025-52930 affects the BMPv3 RLE Decoding functionality in the SAIL Image Decoding Library v0.9.8 . A memory corruption due to a heap-based buffer overflow during BMP data decompression can lead to remote code execution if an attacker can induce the library to read a specially crafted BMP fil...

8.8CVSS8.4AI score0.00691EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/08/25 2:17 p.m.9 views

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

8.8CVSS0.00691EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.7 views

SAIL 安全漏洞

SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from a heap buffer overflow in the BMPv3 RLE decoding function that could lead to remote code execution...

8.8CVSS7.9AI score0.00691EPSS
Exploits1References2
Talos
Talos
added 2025/08/25 12:0 a.m.5 views

SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...

8.8CVSS7.7AI score0.00691EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.3 views

PT-2025-34626 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PSD RLE Decoding functionality. Decompressing image data from a crafted .psd file can lead to a heap-based buffer overflow, potentially allowing fo...

8.8CVSS7.2AI score0.00691EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

5.8CVSS6.6AI score0.01573EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-38143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to...

9.8CVSS8.6AI score0.01423EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.3 views

PT-2025-40877

Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description The software is susceptible to an issue when decoding OpenEXR files that utilize DWAA or DWAB compression. Specifically, the length of run-length-encoded data is not validated during the decoding...

9.8CVSS6.9AI score0.01545EPSS
Exploits7References60
RedhatCVE
RedhatCVE
added 2025/05/22 5:30 p.m.4 views

CVE-2020-6361

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

4.3CVSS6.6AI score0.01623EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 9:15 p.m.3 views

CVE-2024-11519

IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS6.2AI score0.00427EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

IrfanView 安全漏洞

IrfanView is an image viewer by the individual developer Irfan Skiljan. It supports image browsing, image editing, image format conversion and more. IrfanView suffers from a security vulnerability that stems from the RLE file parsing feature containing an out-of-bounds write issue. An attacker...

7.8CVSS8.1AI score0.0058EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.6 views

PT-2024-17048 · Irfanview · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

7.8CVSS7.2AI score0.00438EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.8 views

kernel: null pointer when load rlc firmware

A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References5
Rows per page
Query Builder