SUSE CVE-2016-8698

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...

SUSE CVE-2016-8702

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703...

SUSE CVE-2016-8701

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703...

SUSE CVE-2016-8700

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...

SUSE CVE-2016-8703

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702...

SUSE CVE-2016-8884

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

SUSE CVE-2016-10504

Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service application crash via a crafted bmp file...

SUSE CVE-2017-2905

An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

SUSE CVE-2017-7263

The bmreadbodybmp function in bitmapio.c in Potrace 1.14 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for...

SUSE CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

SUSE CVE-2017-9168

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25...

SUSE CVE-2017-9167

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:337:25...

SUSE CVE-2017-9171

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-bmp.c:492:24...

SUSE CVE-2017-9190

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid free, related to the freebitmap function in bitmap.c:24:5...

SUSE CVE-2017-11528

The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service memory leak via a crafted file...

SUSE CVE-2017-12122

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

SUSE CVE-2017-13673

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service assertion failure in the cpuphysicalmemorysnapshotgetdirty function...

SUSE CVE-2017-14175

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over th...

SUSE CVE-2018-1093

The ext4validblockbitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service out-of-bounds read and system crash via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers...

SUSE CVE-2018-5685

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...