89 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in pillow

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files, due to improper handling of offset and length tables...

CVSS 5.8 · AI score 6.5 · EPSS 0.00269
Exploits: 0 · References: 1

AlpineLinux
added 2026/05/14 7:10 p.m. · 5 views

CVE-2026-43903

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT for bounds checking in the RLE decode loop. In release builds, OIIO_DASSERT compiles to (void)sizeof(x)...

CVSS 8.4 · AI score 6 · EPSS 0.00014
Exploits: 0 · References: 1

EUVD
added 2026/05/14 7:10 p.m. · 6 views

EUVD-2026-30387

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIO_DASSERT for bounds checking in the RLE decode loop. In release builds, OIIO_DASSERT compiles to (void)sizeof(x)...

CVSS 8.4 · AI score 6 · EPSS 0.00014
Exploits: 0 · References: 1

RedhatCVE
added 2026/01/01 10:45 a.m. · 3 views

CVE-2025-15277

A flaw was found in FontForge. This vulnerability, a heap-based buffer overflow, allows a remote attacker to execute arbitrary code. Exploitation requires user interaction, such as opening a malicious SGI (Silicon Graphics Image) file, which triggers improper data length validation during scanline...

CVSS 7.8 · AI score 7.2 · EPSS 0.00047
Exploits: 0 · References: 4

NVD
added 2025/12/31 7:15 a.m. · 2 views

CVE-2025-15277

FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8 · EPSS 0.00047
Exploits: 0 · References: 1

UbuntuCve
added 2025/12/31 7:15 a.m. · 2 views

CVE-2025-15277

FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8 · AI score 7.4 · EPSS 0.00047
Exploits: 0 · References: 2

Vulnrichment
added 2025/12/31 6:59 a.m. · 1 view

CVE-2025-15277 FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8 · AI score 7.7 · EPSS 0.00047
Exploits: 0 · References: 1

Debian CVE
added 2025/12/31 6:59 a.m. · 3 views

CVE-2025-15277

FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8 · AI score 7.8 · EPSS 0.00047
Exploits: 0

CNNVD
added 2025/12/31 12:00 a.m. · 2 views

FontForge security vulnerability

FontForge is an open source font editing tool from fontforge that supports multiple languages. A security vulnerability exists in FontForge that stems from improper validation of data length when parsing SGI file scanlines, which could lead to a heap buffer overflow and remote code execution...

CVSS 7.8 · AI score 8.1 · EPSS 0.00047
Exploits: 0 · References: 1

Positive Technologies
added 2025/12/29 12:00 a.m. · 2 views

PT-2025-53824

Name of the Vulnerable Software and Affected Versions: FontForge (affected versions not specified). Description: A flaw exists in FontForge within the parsing of scanlines in SGI files. The issue is due to insufficient validation of user-supplied data length before copying it into a heap-based buffer,...

CVSS 7.8 · AI score 7.7 · EPSS 0.00047
Exploits: 0 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-1999-1475

Malware in sbrugna...

CVSS 2.1 · AI score 6.4 · EPSS 0.00527
Exploits: 1 · References: 6

Tenable Nessus
added 2025/08/18 12:00 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

CVSS 5.8 · AI score 6.6 · EPSS 0.00269
Exploits: 0 · References: 2

SUSE CVE
added 2023/02/15 6:07 a.m. · 2 views

SUSE CVE-2008-3639

Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count...

CVSS 7.5 · AI score 8.4 · EPSS 0.07958
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 4:58 a.m. · 2 views

SUSE CVE-2016-7101

The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file...

CVSS 6.5 · AI score 6.7 · EPSS 0.00696
Exploits: 0 · References: 8

SUSE CVE
added 2023/02/15 4:05 a.m. · 1 view

SUSE CVE-2019-19948

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c...

CVSS 7.3 · AI score 7.3 · EPSS 0.00387
Exploits: 0 · References: 6

Positive Technologies
added 2022/09/13 12:00 a.m. · 1 view

PT-2022-5039 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 12.0.2 and earlier; Adobe Bridge versions 11.1.3 and earlier. Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation...

CVSS 7.8 · AI score 7.7 · EPSS 0.00127
Exploits: 0 · References: 6

CNNVD
added 2022/06/30 12:00 a.m. · 1 view

LibTIFF numeric error vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTIFF version 4.4.0. An attacker has exploited the...

CVSS 6.5 · AI score 6.7 · EPSS 0.00092
Exploits: 1 · References: 17

CNNVD
added 2022/06/30 12:00 a.m. · 1 view

LibTIFF numeric error vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in LibTIFF version 4.4.0. An attacker could exploit this...

CVSS 6.5 · AI score 7 · EPSS 0.00092
Exploits: 1 · References: 16

OSV
added 2022/05/24 5:05 p.m. · 4 views

GHSA-R7RM-8J6H-R933 Buffer Copy without Checking Size of Input in Pillow

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow...

CVSS 9.8 · AI score 7 · EPSS 0.01146
Exploits: 0 · References: 12

CNNVD
added 2022/05/10 12:00 a.m. · 1 view

Silicon Graphics LibTIFF buffer error vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in Silicon Graphics LibTIFF. An attacker could use this...

CVSS 5.5 · AI score 7 · EPSS 0.00332
Exploits: 1 · References: 14