EUVD-2017-5827

Malware in sbrugna...

CVE-2025-47752

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

CVE-2025-25361

An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file...

USN-7225-1: HTMLDOC vulnerabilities

It was discovered that HTMLDOC incorrectly handled memory in the imagesetmask, gitreadlzw, writeheader and writenode functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected...

CVE-2024-44825

CVE-2024-44825 concerns InVesalius3 (v3.1.99995). Affected component is the .inv3 file handling, enabling a directory traversal that lets an attacker write arbitrary files to the system. The vulnerability is evidenced across multiple feeds (NVD, Red Hat, CIRCL, CVE List) with the core description...

CVE-2021-23210

A floating point exception divide-by-zero issue was discovered in SoX in functon readsamples of voc.c file. An attacker with a crafted file, could cause an application to crash...

GPAC Heap Overflow Vulnerability

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap overflow vulnerability exists in the gfhevcreadppsbsinternal function in mediatools/avparsers.c in GPAC version 1.0.1. An attacker can exploit this vulnerability via specially crafted files to cause a...

GPAC Null Pointer Dereference Vulnerability (CNVD-2021-30177)

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in the gfisomsetextractionslc function in GPAC version 1.0.1. An attacker could exploit this vulnerability via specially crafted files to cause a denial of service...

ImageMagick De-Zero Vulnerability (CNVD-2021-23797)

ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. A de-zero vulnerability exists in coders/webp.c in versions prior to ImageMagick 7.0.10-62. An attacker can exploit this vulnerability via specially crafted files to...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1836)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2018:3191-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. bsc1111069 -...

CVE-2017-18229

An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile...

SUSE-SU-2018:0197-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes several issues. These security issues were fixed: - CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file bsc1058422 - CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote attackers t...

SUSE-SU-2017:1600-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: This security issue was fixed: - CVE-2017-7941: The ReadSGIImage function in sgi.c allowed remote attackers to consume an amount of available memory via a crafted file bsc1034876. - CVE-2017-8351: ImageMagick, GraphicsMagick: denial of...