CVE-2026-46045

A flaw was found in the Linux kernel, specifically within the multiple device MD driver's bitmap handling. This vulnerability allows the system to read outdated or incomplete data from storage devices that are not fully synchronized. This can lead to errors in tracking changes to data, which may...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002272 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

EUVD-2016-6133

Malware in sbrugna...

CVE-2022-49526

In the Linux kernel, the following vulnerability has been resolved: md/bitmap: don't set sb values if can't pass sanity check If bitmap area contains invalid data, kernel will crash then mdadm triggers "Segmentation fault". This is cluster-md speical bug. In non-clustered env, mdadm will handle...

kernel: md/md-bitmap: fix incorrect usage for sb_index

A security vulnerability was identified in the Linux kernel's MD Multiple Device subsystem, specifically within the bitmap handling code for clustered environments. The issue arises from incorrect usage of the sbindex field, leading to potential system crashes in clustered configurations...

DEBIAN-CVE-2022-48619

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability mishandles the situation in which an event code falls outside of a bitmap...

Foxit Reader < 9.1 Multiple Vulnerabilities

According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.1. It is, therefore affected by multiple vulnerabilities: - In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP...

OESA-2021-1288 optipng security update

Security Fixes: Off-by-one error in the bmprle4fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer...

SUSE SLES12 Security Update : xen (SUSE-SU-2021:1023-1)

This update for xen fixes the following issues : CVE-2021-3308: VUL-0: xen: IRQ vector leak on x86 bsc1181254, XSA-360 CVE-2021-28687: VUL-0: xen: HVM soft-reset crashes toolstack bsc1183072, XSA-368 CVE-2021-20257: VUL-0: xen: infinite loop issue in the e1000 NIC emulator bsc1182846...

SUSE-SU-2020:2995-1 Security update for freetype2

This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps bsc1177914...

CAD Smart Garden has a memory corruption vulnerability

CAD Smart Garden is a professional garden design software. CAD Smart Garden Tool has a memory corruption vulnerability when dealing with BMP images. An attacker can cause the program to crash by constructing a malformed BMP image. If successfully exploited, it can lead to a system denial of servi...

MGASA-2019-0012 Updated freerdp packages fix security vulnerabilities

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2018-8784, CVE-2018-8785. Eyal Itkin discovered FreeRDP incorrectly handled...

Memory Corruption Vulnerability in ApowerPDF Processing of BMP Files

ApowerPDF is a PDF editor that can be used to convert, view, create PDF files and provide users with a one-stop PDF solution. A memory corruption vulnerability exists in ApowerPDF's handling of BMP files. An attacker can cause the program to crash by constructing malformed BMP files...

Input validation

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

CVE-2016-5182

CVE-2016-5182 is a Google Chrome/Chromium Blink vulnerability described as a heap overflow in the ImageBitmap/bitmap handling path that could be triggered by a crafted HTML page. The issue allows a remote attacker to potentially achieve remote code execution on the affected host. Affected version...

CVE-2016-5182

Removed by vendor...

chromium-browser: heap overflow in blink

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

UBUNTU-CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...