EUVD-2025-28036

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-46407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted...

DEBIAN-CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow via the BMPv3 Palette Decoding functionality. An attacker can execute arbitrary code by tricking a user into opening a specially crafted .bmp file, which triggers an integer overflow and subsequent...

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

CVE-2025-46407

The CVE-2025-46407 entry concerns a memory corruption vulnerability in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. The root cause is an integer overflow while reading the palette from a specially crafted BMP file, which can overflow a heap-based buffer. Thi...

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...