JLSEC-2026-363

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

Astra Linux – Vulnerability in imagemagick

ImageMagick is a open-source software suite for displaying, converting, and editing raster image files. In versions of ImageMagick prior to 7.1.2-7 and 6.9.13-32, there is an integer overflow vulnerability in the BMP decoder on 32-bit systems. The vulnerability occurs in the coders/bmp.c file,...

Astra Linux - уязвимость в libsdl2

SDL Simple DirectMedia Layer version 2.0.12 has a heap-based buffer over-read issue in the function Blit3or4to3or4inversedrgb in the file video/SDLblitN.c, caused by a malicious .BMP file...

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

Linux Distros Unpatched Vulnerability : CVE-2018-5727

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability ...

CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

UBUNTU-CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

CVE-2025-32468

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

IrfanView 安全漏洞

IrfanView is a very fast, small, compact and innovative free graphics viewer for Windows 9x, ME, NT, 2000, XP, 2003, 2008, Vista, Windows 7, Windows 8, Windows 10. A denial of service vulnerability exists in IrfanView version 4.54. The vulnerability stems from data from the wrong address being us...

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53165)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted BMP file...

CVE-2019-5088

An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional 14.0.7 x64. A specially crafted BMP file can cause an out-of-bounds memory write, allowing a potential attacker to execute arbitrary code on the victim machine. Can trigger this vulnerability by sendin...

UBUNTU-CVE-2018-20467

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

Memory Corruption Vulnerability in 2345 Viewer V9.0

2345 Viewer is one of the fastest and most format-compatible high-definition image viewing software. A memory corruption vulnerability exists in 2345 Viewer V9.0 when parsing the BMP file format, which allows an attacker to construct a malicious BMP image file to trigger a memory corruption,...

DEBIAN-CVE-2016-10507

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted bmp file...

ImageWorsener 'src/imagew-bmp.c' Denial of Service Vulnerability

ImageWorsener is a set of image scaling and processing utilities. A security vulnerability exists in the 'iwreadbmpfile' function in the imagew-bmp.c file of libimageworsener.a in ImageWorsener version 1.3.0. A remote attacker can exploit this vulnerability to consume available memory with the he...

Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)

An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bitmap format images. An attacker could use a specially crafted BMP image file that, when processed by an application compiled against the gdk-pixbuf...