CVE-2026-4887 Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

EUVD-2018-1878

Malware in sbrugna...

SUSE CVE-2017-7606

coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted image...

USN-5835-3 nova vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information...

PT-2022-4361 · Hdf5 +3 · Libhdf5 +3

Name of the Vulnerable Software and Affected Versions: HDF5 Group libhdf5 version 1.10.4 Description: An out-of-bounds write issue exists in the gif2h5 functionality, allowing code execution through a specially-crafted GIF file. An attacker can trigger this issue by providing a malicious file,...

CVE-2022-23906

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution RCE vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file...

UBUNTU-CVE-2021-29457

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An...

Apple CoreMedia Buffer Error Vulnerability

Apple CoreMedia is an Apple Inc. core component used in mobile devices for processing media data. Apple CoreMedia suffers from a buffer error vulnerability that exists due to a boundary condition within the CoreMedia component in macOS. A remote attacker could create a specially crafted image and...

Heap Overwrite Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58814)

LightShadow Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap of out-of-bounds writing vulnerabilities, an attacker can construct a special picture to cause the software to crash, and ca...

Heap Overwrite Vulnerability in Light and Shadow Magic Hand of Shenzhen Xunlei.com Culture Limited (CNVD-2020-58811)

LightShadow Magic Hand is a software for improving and enhancing image quality and effect processing. Shenzhen Xunlei.com Culture Co., Ltd LightShadow Magic Hand has a heap of out-of-bounds writing vulnerabilities, an attacker can construct a special picture to cause the software to crash, and ca...

CVE-2019-12921

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG...

kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image

The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/xattr.c:ext4xattrinodehash function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a NULL pointer dereference with a crafted ext4 image...

Simple DirectMedia Layer SDL2_image Heap Buffer Overflow Vulnerability

Simple DirectMedia Layer is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software, and emulators. sdl2image is a component used in it for parsing and displaying various image file formats. A heap buffer overflow vulnerability exists in th...

Simple DirectMedia Layer SDL2_image Information Disclosure Vulnerability (CNVD-2018-08711)

Simple DirectMedia Layer is a cross-platform development library that provides low-level access to audio, keyboard, mouse, and graphics hardware devices, etc. via OpenGL and Direct3D. A security vulnerability exists in the PCX image rendering feature of Simple DirectMedia Layer SDL2image-2.0.2. T...

UBUNTU-CVE-2017-7598

tifdirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image...