EUVD-2026-30417

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

EUVD-2026-23648

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

Updated gimp packages fix security vulnerabilities

XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. CVE-2025-2760 FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. CVE-2025-2761 Multiple heap buffer overflows in tga parser. CVE-2025-48797 Multiple use after free in xcf parser. CVE-2025-48798 XWD File...

DEBIAN-CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

Allegro 缓冲区错误漏洞

Allegro is Allegro open source a cross-platform library mainly for video games and multimedia programming. A security vulnerability exists in Allegro 5.2.6 and earlier versions, which stems from the presence of a buffer overflow vulnerability that can be exploited by an attacker to cause a denial...

UBUNTU-CVE-2021-38115

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

PT-2018-3483 · Graphicsmagick +3 · Graphicsmagick +3

Name of the Vulnerable Software and Affected Versions: GraphicsMagick versions 1.4 snapshot-20181209 Q8 Description: The issue is related to a heap-based buffer overflow in the WriteTGAImage function, which can be exploited by attackers to cause a denial of service. This can be achieved by using ...

UBUNTU-CVE-2017-17786

In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c related to bgr2rgb.part.1 via an unexpected bits-per-pixel value for an RGBA image...

ImageMagick memory leak vulnerability (CNVD-2017-15117)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'ReadTGAImage' function of the coderstga.c file in ImageMagick version...

UBUNTU-CVE-2017-9191

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rlefread function in input-tga.c:252:15...

Updated gdk-pixbuf2.0 packages fix security vulnerabilities

Updated gdk-pixbuf packages fix security vulnerabilities: Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf before 2.32.0. This issue is triggered by the scaling of a malformed tga format image and results in a potentially exploitable crash CVE-2015-7673. Security research...

DEBIAN-CVE-2008-6079

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted 1 ARGB, 2 BMP, 3 JPEG, 4 LBM, 5 PNM, 6 TGA, or 7 XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."...