Astra Linux - уязвимость в openimageio

There are multiple denial-of-service vulnerabilities in the image output closing functionality of the OpenImageIO Project’s OpenImageIO v2.4.4.2. specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious inputs to exploit these...

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-24133

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in...

EUVD-2004-0111

Malware in sbrugna...

EUVD-2005-1795

Malware in sbrugna...

EUVD-2025-25757

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...

Siemens Simcenter Femap File Parsing Vulnerability

Simcenter Femap is an advanced simulation application for creating, editing and checking finite element models of complex products or systems. A file parsing vulnerability exists in Siemens Simcenter Femap and may be triggered when the application reads a file in STP or BMP file format. An attack...

CVE-2022-32236

When a user opens manipulated Windows Bitmap .bmp, 2d.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2005-1793

User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service crash via an icon .ico bitmap file with large width and height values...

CVE-2024-33654

A vulnerability has been identified in Simcenter Femap All versions V2406. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process...

USN-6621-1 imagemagick vulnerability

It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service...

CVE-2022-32236

When a user opens manipulated Windows Bitmap .bmp, 2d.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2022-32236

When a user opens manipulated Windows Bitmap .bmp, 2d.x3d files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the American company Autodesk. A security vulnerability exists in Autodesk AutoCAD 2022, 2021, 2020, 2019, which originates from a maliciously crafted PICT, BMP, PSD, or TIF file that can be used to write to a buffer beyond the...

Siemens JT2GO 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A memory corruption vulnerability exists in...

CVE-2021-27594

When a user opens manipulated Windows Bitmap .BMP files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2021-21456

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

USN-4497-1 OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. CVE-2016-9112 It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it...