
10 matches found

OSV
added 2025/12/24 10:32 a.m., 2 views

CVE-2025-68350 exfat: fix divide-by-zero in exfat_allocate_bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfat_allocate_bitmap. The variable max_ra_count can be 0 in exfat_allocate_bitmap, which causes a divide-by-zero error in the subsequent modulo operation i % max_ra_count, leading to a system crash. When...

6.3 AI score, 0.0003 EPSS
Exploits 0, References 5

Cvelist
added 2025/12/24 10:32 a.m., 21 views

CVE-2025-68350 exfat: fix divide-by-zero in exfat_allocate_bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfat_allocate_bitmap. The variable max_ra_count can be 0 in exfat_allocate_bitmap, which causes a divide-by-zero error in the subsequent modulo operation i % max_ra_count, leading to a system crash. When...

0.0003 EPSS
Exploits 0, References 2

CVE
added 2025/12/11 2:2 p.m., 18 views

CVE-2025-14516

Yalantis uCrop 2.2.11 contains a Server-Side Request Forgery (SSRF) in the URL Handler: downloadFile() in com.yalantis.ucrop.task.BitmapLoadTask.java. Manipulation allows remote-triggered requests, with disclosure publicly available and vendor not responding. Multiple sources (NVD, Red Hat, CVE l...

8.8 CVSS, 6.3 AI score, 0.00065 EPSS
Exploits 1, References 5, Affected Software 1

EUVD
added 2025/12/11 2:2 p.m., 2 views

EUVD-2025-202689

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

6.5 CVSS, 6.2 AI score, 0.00065 EPSS
Exploits 1, References 6

Vulnrichment
added 2025/12/11 2:2 p.m., 4 views

CVE-2025-14516 Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery

A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The...

6.5 CVSS, 6.4 AI score, 0.00065 EPSS
Exploits 1, References 5

NVD
added 2025/09/04 4:15 p.m., 2 views

CVE-2025-38692

In the Linux kernel, the following vulnerability has been resolved: exfat: add cluster chain loop check for dir. An infinite loop may occur if the following conditions occur due to file system corruption. 1. Condition for exfat_count_dir_entries to loop infinitely. - The cluster chain includes a loop....

5.5 CVSS, 0.0002 EPSS
Exploits 0, References 5

Positive Technologies
added 2022/05/05 12:0 a.m., 3 views

PT-2022-19049 · Ffjpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg affected versions not specified Description: The issue is related to an integer overflow vulnerability in the bmp load function in bmp.c, which can lead to a heap overflow in jfif encode in jfif.c. This vulnerability is a result of an...

6.5 CVSS, 6.4 AI score, 0.00302 EPSS
Exploits 1, References 3

OSV
added 2021/12/21 7:15 p.m., 0 views

CVE-2021-44423

An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance ODA Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this...

7.8 CVSS, 5.9 AI score, 0.00367 EPSS
Exploits 0, References 1

Positive Technologies
added 2020/05/24 12:0 a.m., 2 views

PT-2020-13542 · FFmpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 2020-02-24 Description: The issue is related to an invalid write in the bmp load function located in bmp.c. Recommendations: For versions prior to 2020-02-24, at the moment, there is no information about a newer versi...

6.5 CVSS, 6.3 AI score, 0.00238 EPSS
Exploits 1, References 2

OSV
added 2018/03/02 2:29 p.m., 0 views

UBUNTU-CVE-2018-7638

An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "256 colors" case, aka case 8...

7.8 CVSS, 7.3 AI score, 0.00227 EPSS
Exploits 1, References 4