62 matches found

CNNVD
added 2026/02/02 12:0 a.m. | 2 views

jsPDF Security Vulnerability

jsPDF is a JavaScript-based PDF document generation library developed by Parallax. Versions of jsPDF prior to 4.1.0 contained a security vulnerability. This vulnerability stemmed from the first parameter of the addImage method, which allowed users to provide harmful BMP files, potentially leading...

8.7 CVSS | 5.8 AI score | 0.00019 EPSS
Exploits 1 | References 3
OpenVAS
added 2025/11/24 12:0 a.m. | 2 views

Ubuntu: Security Advisory (USN-7876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS | 7.8 AI score | 0.00136 EPSS
Exploits 2 | References 2
Ubuntu
added 2025/11/20 5:46 p.m. | 2 views

USN-7876-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

7.5 CVSS | 7.4 AI score | 0.00076 EPSS
Exploits 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-3738

Malware in sbrugna...

5.1 CVSS | 8.9 AI score | 0.02059 EPSS
Exploits 0 | References 29
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-23770

Malicious code in bioql PyPI...

6.7 CVSS | 6.6 AI score | 0.0006 EPSS
Exploits 0 | References 1
OSV
added 2025/08/06 5:15 a.m. | 0 views

CVE-2025-21020

Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

6.7 CVSS | 5.8 AI score
Exploits 0 | References 1
CVE
added 2025/08/06 4:23 a.m. | 16 views

CVE-2025-21020

CVE-2025-21020 affects Samsung Blockchain Keystore. The issue is an out-of-bounds write during bitmap image creation, allowing a local privileged attacker to write memory outside allocated boundaries. Affected version: Blockchain Keystore prior to 1.3.17.2. Impact is described as local impact wit...

6.7 CVSS | 6.3 AI score | 0.0006 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2025/08/06 4:23 a.m. | 5 views

CVE-2025-21020

Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

5.7 CVSS | 0.0006 EPSS
Exploits 0 | References 1
CNNVD
added 2025/03/06 12:0 a.m. | 1 views

SAMSUNG Notes Security Vulnerability

Samsung Notes is an application from the South Korean company Samsung. It is used to provide a recording function. An out-of-bounds read vulnerability exists in Samsung Notes, which stems from a lack of proper validation of user-supplied data when parsing wbmp images, and can be...

5.5 CVSS | 6.7 AI score | 0.00122 EPSS
Exploits 0 | References 2
Gentoo Linux
added 2024/05/04 12:0 a.m. | 44 views

ImageMagick: Multiple Vulnerabilities

Background: ImageMagick is a software suite to create, edit, and compose bitmap images, that can also read, write, and convert images in many other formats. Description: Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details...

7.8 CVSS | 7.1 AI score | 0.88643 EPSS
Exploits 37
SUSE CVE
added 2023/02/15 4:56 a.m. | 1 views

SUSE CVE-2016-8701

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703...

7.8 CVSS | 7.8 AI score | 0.00559 EPSS
Exploits 0 | References 4
CNNVD
added 2022/12/22 12:0 a.m. | 1 views

OpenImageIO Buffer Error Vulnerability

OpenImageIO is an image read and write library that also provides several tools and applications. OpenImageIO v2.3.19.0 is vulnerable to a heap out-of-bounds write vulnerability when processing RLE-encoded BMP images. An attacker could exploit this vulnerability to write arbitrary out-of-bounds...

9.8 CVSS | 7.9 AI score | 0.02111 EPSS
Exploits 1 | References 6
OSV
added 2022/02/18 8:15 p.m. | 1 views

CVE-2021-46605

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8 CVSS | 6.2 AI score
Exploits 0 | References 2
OpenVAS
added 2021/11/11 12:0 a.m. | 22 views

Mozilla Firefox Security Advisory (MFSA2015-88) - Linux

This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

6.8 CVSS | 7 AI score | 0.03692 EPSS
Exploits 0 | References 3
The Hacker News
added 2021/03/03 12:56 p.m. | 0 views

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Tal...

6.2 AI score
Exploits 0
OSV
added 2020/12/04 10:15 p.m. | 1 views

DEBIAN-CVE-2020-27772

A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned int. This would most likely lead to an impact to application availability, but could...

3.3 CVSS | 6.3 AI score | 0.0009 EPSS
Exploits 1 | References 1
CNVD
added 2020/11/19 12:0 a.m. | 1 views

Binary vulnerability in KINCO DTools (CNVD-2020-68574)

Shanghai BUCO Automation Co., Ltd. has been focusing on the research, development, production, sales and related technical services of core components for industrial automation equipment control and industrial IoT/Internet software and hardware, as well as providing customers with solutions for...

6.9 AI score
Exploits 0
CNVD
added 2019/11/06 12:0 a.m. | 19 views

LEAD Technologies LEADTOOLS Input Validation Error Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. An input validation error vulnerability exists in the BMP header parsing functionality in LEAD Technologies LEADTOOLS. The vulnerability can be exploited to execute arbitrary code with the help of specially...

8.8 CVSS | 7.8 AI score | 0.00335 EPSS
Exploits 1 | References 1
Tenable Nessus
added 2019/11/06 12:0 a.m. | 25 views

Mozilla Firefox ESR < 31.4 Multiple Vulnerabilities

Binary data 701250.prm...

7.5 CVSS | 9.8 AI score | 0.83612 EPSS
Exploits 4 | References 19
CNVD
added 2019/10/24 12:0 a.m. | 1 views

Memory Corruption Vulnerability in CAD Mini Drawing

CAD Mini Drawing is CAD drawing software. CAD Mini Drawing Tool has a memory corruption vulnerability when handling BMP images. An attacker can cause the program to crash by constructing a malformed BMP image. If successfully exploited, this could lead to a system denial of service...

6.9 AI score
Exploits 0