CLSA-2025-1759856402 Fix CVE(s): CVE-2025-57803

SECURITY UPDATE: integer Overflow in BMP Encoder - debian/patches/CVE-2025-57803.patch: Fix buffer overflow issue in BMP decoder caused by insufficient memory allocation - CVE-2025-57803...

SUSE-SU-2022:0104-2 Security update for SDL2

This update for SDL2 fixes the following issues: - CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP bsc1181202. - CVE-2020-14410: Fixed heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a...

USN-4190-1 libjpeg-turbo vulnerabilities

It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-14498 It was discovered that libjpeg-turbo incorrectly handled certain...

USN-4003-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt incorrectly handled certain XML documents. A remote attacker could use this issue with a specially crafted XML document to cause Qt to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-15518 It was discovered that Qt incorrectly handle...

Socusoft Photo To Video Converter Handles BMP with Memory Corruption Vulnerability (CNVD-2018-19754)

Socusoft Photo To Video Converter is a free slideshow maker that converts a bunch of photos into one video file. Socusoft Photo To Video Converter handles BMP with a memory corruption vulnerability that can be exploited by attackers to cause the program to crash by constructing malformed BMP imag...

2345 Viewer Handles BMP Images with Denial of Service Vulnerability

2345 Viewer is one of the fastest and most format-compatible high-definition image viewing software. A denial-of-service vulnerability exists in the handling of BMP images in 2345 Chart Viewer. An attacker who exploits this vulnerability to construct a malformed BMP image can cause the program to...

Memory Corruption Vulnerability in SunlitGreen Photo Editor's BMP Handling

SunlitGreen Photo Editor is a document format editing tool. A memory corruption vulnerability exists in SunlitGreen Photo Editor when processing BMP images. An attacker could cause the program to crash or lead to arbitrary code execution by constructing malformed BMP format images...

Memory Corruption Vulnerability in Pomelo Camera's Handling of BMP Files

Pomelo Camera POMELO is a mobile photography + photo beautification APP from Meitu Xiu Xiu. A memory corruption vulnerability exists in Pomelo Camera's handling of BMP files. An attacker can exploit the vulnerability to crash the program by constructing a malformed BMP image. Successful...

CVE-2015-8870

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service heap-based buffer over-read, or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file...

GdkPixbuf BMP parser may enter an infinite loop

Overview A vulnerability exists in the BMP handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition. Description GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user interfaces. It is used b...

MDKSA-2004:020 - Updated gdk-pixbuf packages fix BMP-handling vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: gdk-pixbuf Advisory ID: MDKSA-2004:020 Date: March 10th, 2004 Affected versions: Corporate Server 2.1 Problem Description: A vulnerability in gdk-pixbuf versions before 0.20 exists that could allow ...