Lucene search
K

2473 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : autotrace-0.31.1-65.el9 (AXSA:2023-5497:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5497:01 advisory. autotrace: heap-buffer overflow via the ReadImage at input-bmp.c CVE-2022-32323 Tenable has extracted the preceding description block directly from the...

7.3CVSS7.5AI score0.00879EPSS
Exploits0References2
nessus
nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : libtiff-3.9.4-21.AXS4 (AXSA:2017-1285:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1285:01 advisory. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file...

9.8CVSS8.2AI score0.04767EPSS
Exploits3References9
nessus
nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 7 : ImageMagick-6.9.10.68-7.0.7.el7.AXS7 (AXSA:2025-11533:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11533:04 advisory. CVE-2025-62171: add overflow check before calculating extent in the BMP decoder CVEs: CVE-2025-62171 ImageMagick is an open source software suite for...

8.8CVSS7.2AI score0.00794EPSS
Exploits2References2
nessus
nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 7 : libtiff-4.0.3-35.0.3.el7.AXS7 (AXSA:2025-10907:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10907:02 advisory. CVE-2017-9117: add checks for all BMP reading operations to avoid buffer overflow CVEs: CVE-2017-9117 In LibTIFF 4.0.6 and possibly other versions, the...

9.8CVSS7.3AI score0.02221EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/01/09 11:28 a.m.8 views

CVE-2021-33657

There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution...

8.8CVSS7.1AI score0.01986EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 8:50 a.m.29 views

CVE-2021-31513

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.01811EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/01 10:45 a.m.6 views

CVE-2025-15279

A flaw was found in FontForge. This heap-based buffer overflow vulnerability occurs during the parsing of pixels within BMP Bitmap files, due to insufficient validation of user-supplied data length. A remote attacker could exploit this by tricking a user into opening a malicious BMP file or...

7.8CVSS7.7AI score0.00259EPSS
Exploits0References4
nvd
nvd
added 2025/12/31 7:15 a.m.4 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS0.00259EPSS
Exploits0References1
osv
osv
added 2025/12/31 7:15 a.m.3 views

UBUNTU-CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.7AI score0.00259EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/12/31 6:59 a.m.1 views

CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.8AI score0.00259EPSS
Exploits0References1
cve
cve
added 2025/12/31 6:59 a.m.39 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow (CVE-2025-15279) is a remote code execution vulnerability in FontForge. The flaw arises when parsing BMP pixel data and copying unvalidated user-supplied length to a heap buffer, allowing arbitrary code execution in the attacker’s conte...

7.8CVSS7.2AI score0.00259EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/12/31 6:59 a.m.29 views

CVE-2025-15279 FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS0.00259EPSS
Exploits0References1
debiancve
debiancve
added 2025/12/31 6:59 a.m.4 views

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8.2AI score0.00259EPSS
Exploits0
nessus
nessus
added 2025/12/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-15279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrar...

7.8CVSS7.6AI score0.00259EPSS
Exploits0References3
nessus
nessus
added 2025/12/18 12:0 a.m.6 views

openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...

9.8CVSS6.4AI score0.04065EPSS
Exploits6References18
packetstorm
packetstorm
added 2025/12/16 12:0 a.m.155 views

📄 HTMLDOC 1.9.13 Stack Buffer Overflow

Proof of concept exploit written in PHP for HTMLDOC version 1.9.13 that generates a malicious BMP file that will trigger a stack buffer overflow vulnerability...

7.8CVSS8AI score0.07349EPSS
Exploits4
osv
osv
added 2025/12/15 9:56 a.m.5 views

SUSE-SU-2025:21211-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

9.8CVSS5.9AI score0.04065EPSS
Exploits6References13
osv
osv
added 2025/12/15 9:55 a.m.4 views

OPENSUSE-SU-2025:20162-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

9.8CVSS5.9AI score0.04065EPSS
Exploits6References12
osv
osv
added 2025/12/03 2:53 p.m.7 views

CLSA-2025-1764773600 Fix CVE(s): CVE-2025-62171

SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems caused by memory allocation failure - CVE-2025-62171...

7.5CVSS5.9AI score0.00738EPSS
Exploits1References1
osv
osv
added 2025/11/28 10:9 a.m.8 views

CLSA-2025-1764324579 Fix CVE(s): CVE-2025-62171

SECURITY UPDATE: integer overflow vulnerability in BMP decoder on 32-bit systems - debian/patches/CVE-2025-62171.patch: add extra check to resolve issue on 32-bit systems - CVE-2025-62171...

7.5CVSS5.9AI score0.00738EPSS
Exploits1References1
Rows per page
Query Builder