CVE-2023-23298

The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters...

autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c

A buffer overflow flaw was found in the autotrace package. This flaw allows an attacker to trick the user into opening a maliciously crafted BMP image, triggering arbitrary code execution or causing the application to crash...

autotrace: heap-buffer overflow via the ReadImage() at input-bmp.c

A buffer overflow flaw was found in the autotrace package. This flaw allows an attacker to trick the user into opening a maliciously crafted BMP image, triggering arbitrary code execution or causing the application to crash...

kernel: drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()

In the Linux kernel, the following vulnerability has been resolved: drivers/md/md-bitmap: check the return value of mdbitmapgetcounter Check the return value of mdbitmapgetcounter in case it returns NULL pointer, which will result in a null pointer dereference. v2: update the check to include oth...

Moderate: autotrace security update

AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: heap-buffer overflow via the ReadImage at input-bmp.c CVE-2022-32323 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit Title: Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow Exploit Date: 22.01.2023 Discovered and Written by: Knursoft Vendor Homepage: https://www.rockstargames.com/ Version: v1.1 Tested on: Windows XP SP2/SP3, 7, 10 21H2 CVE : N/A 1 - Run this python script to generate...

CVE-2022-43611

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...

Corel CorelDRAW Graphics Suite 缓冲区错误漏洞

Corel CorelDRAW Graphics Suite is a vector graphics editing software from Corel Digital Technology Canada. Corel CorelDRAW Graphics Suite version 23.5.0.506 contains a buffer overflow vulnerability, which stems from a lack of length validation of user-supplied data when parsing BMP files and can ...

Medium: autotrace

Issue Overview: A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. CVE-2019-19004 A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via...

Amazon Linux 2023 : autotrace, autotrace-devel (ALAS2023-2023-004)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-004 advisory. A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. CVE-2019-19004 A bitmap doubl...

Microsoft Windows win32kfull Bitmap Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

OSV-2023-165 Heap-buffer-overflow in array_container_to_uint32_array

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56893 Crash type: Heap-buffer-overflow WRITE 4 Crash state: arraycontainertouint32array ratouint32array roaringbitmapserialize...

SUSE CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

CVE-2023-26606

In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...

K76434343: gdk-pixbuf vulnerability CVE-2015-4491

Security Advisory Description Integer overflow in the makefiltertable function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary...

SUSE CVE-2004-0111

gdk-pixbuf before 0.20 allows attackers to cause a denial of service crash via a malformed bitmap BMP file...

SUSE CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817...

SUSE CVE-2004-0904

Integer overflow in the bitmap BMP decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows...

SUSE CVE-2004-1309

Heap-based buffer overflow in the demuxopenbmp function in demuxbmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap BMP file containing a large biClrUsed field...