2533 matches found
CVE-2025-46407
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...
CVE-2025-46407
The CVE-2025-46407 entry concerns a memory corruption vulnerability in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. The root cause is an integer overflow while reading the palette from a specially crafted BMP file, which can overflow a heap-based buffer. Thi...
CVE-2025-46407
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...
CVE-2025-32468
CVE-2025-32468 : A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp, an integer overflow occurs during stride calculation, leading to a heap-based buffer overflow during decoding and p...
CVE-2025-32468
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...
CVE-2025-32468
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...
CVE-2025-32468
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...
CVE-2025-52930
CVE-2025-52930 affects the BMPv3 RLE Decoding functionality in the SAIL Image Decoding Library v0.9.8 . A memory corruption due to a heap-based buffer overflow during BMP data decompression can lead to remote code execution if an attacker can induce the library to read a specially crafted BMP fil...
CVE-2025-52930
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-52930
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
Linux Distros Unpatched Vulnerability : CVE-2018-20185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows...
PT-2025-34616
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the BMPv3 Image Decoding functionality. Loading a specially crafted .bmp file can cause an integer overflow when calculating the stride for decoding,...
Linux Distros Unpatched Vulnerability : CVE-2016-9113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-comps0.data is not assigned a value after...
Linux Distros Unpatched Vulnerability : CVE-2019-14289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the multiple bytes per line cas...
SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
Linux Distros Unpatched Vulnerability : CVE-2016-3619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DumpModeEncode function in tifdumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the -c none option is used, allows remote attackers to caus...
Linux Distros Unpatched Vulnerability : CVE-2016-8685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service invalid memory access and crash via a crafted BMP imag...
Linux Distros Unpatched Vulnerability : CVE-2022-48619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability...
PT-2025-34799
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-28 and 7.1.2-2 Description ImageMagick is free and open-source software used for editing and manipulating digital images. A 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses...