An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw a local attacker with user privilege may gain access to out-of-bounds memory leading to a system integrity and confidentiality threat.

...

CVE-2021-46645

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-46616

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46605

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-46615

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-46605

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

ffjpeg 代码问题漏洞

ffjpeg is a JPEG encoder/decoder by the individual developer Kai Chen in China. A rejection vulnerability exists in ffjpeg, which originates when the size information in the metadata of a bmp is out of range, it returns without allocating a memory buffer to pb-pdata and without exiting the progra...

AlmaLinux 8 : autotrace (ALSA-2021:4519)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4519 advisory. - A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed...

ROS-20220125-07

A vulnerability in the GIMP bitmap graphics editor is related to improper input validation, where the path name in the constructed command line is not escaped or filtered. Exploitation of the vulnerability could allow an attacker acting remotely to send special data to the application and execute...

Bentley Systems MicroStation 安全漏洞

Bentley MicroStation CONNECT is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, Inc. A buffer overflow vulnerability exists in Bentley MicroStation CONNECT 10.16.0.80 when parsing BMP images, which stems from a failure to Lack of proper validation of the length...

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

PT-2022-5416 · Corel · Coreldraw Graphics Suite

Name of the Vulnerable Software and Affected Versions: Corel CorelDRAW Graphics Suite version 23.5.0.506 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this, where the target must visit a malicio...

CVE-2021-34903

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2021-34907

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

DEBIAN-CVE-2021-43579

A stack-based buffer overflow in imageloadbmp in HTMLDOC = 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file...

UBUNTU-CVE-2021-43579

A stack-based buffer overflow in imageloadbmp in HTMLDOC = 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file...

CVE-2021-44423

An out-of-bounds read vulnerability exists when reading a BMP file using Open Design Alliance ODA Drawings Explorer before 2022.12. The specific issue exists after loading BMP files. Unchecked input data from a crafted BMP file leads to an out-of-bounds read. An attacker can leverage this...

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite) causing stack consumption in NTFS-3G < 2021.8.22.

...

Siemens Syngo FastView 缓冲区错误漏洞

Siemens Syngo FastView is a standalone viewer of Dicom 2 images available on Dicom exchange media from Siemens, Germany. An out-of-bounds write vulnerability exists in Siemens Syngo FastView, which stems from a lack of proper validation of user-supplied data when parsing BMP files. An attacker...

PT-2021-7803 · Siemens · Syngo Fastview

Name of the Vulnerable Software and Affected Versions: syngo fastView All versions Description: A vulnerability has been identified in the affected application, which lacks proper validation of user-supplied data when parsing BMP files. This could result in a write-what-where condition, allowing ...