ROS-20250905-09

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

ROS-20250905-10

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'

...

[SECURITY] Fedora 41 Update: libsixel-1.10.5-3.fc41

An encoder/decoder implementation for DEC SIXEL graphics...

[SECURITY] Fedora 42 Update: libsixel-1.10.5-4.fc42

An encoder/decoder implementation for DEC SIXEL graphics...

Linux Distros Unpatched Vulnerability : CVE-2025-5262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory...

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

...

Linux Distros Unpatched Vulnerability : CVE-2025-57803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit...

Linux Distros Unpatched Vulnerability : CVE-2025-8836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the componen...

Linux Distros Unpatched Vulnerability : CVE-2021-46700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libsixel 1.8.6, sixelencoderoutputwithoutmacro called from sixelencoderencodeframe in encoder.c has a double free. CVE-2021-46700 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2020-27823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest...

Linux Distros Unpatched Vulnerability : CVE-2020-21677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow in the sixelencoderoutputwithoutmacro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service DOS via...

GHSA-9Q78-27F3-2JMH webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

CVE-2025-57803

A flaw was found in ImageMagick. In 32-bit builds, the Bitmap encoder miscalculates the stride value when processing images with very large with. Mathematically, the stride value is calculated as width multiplied by 3 but the theoretical limit of such value is 2^32 for 32-bit integers. So, if thi...

Linux Distros Unpatched Vulnerability : CVE-2025-1594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c...

Linux Distros Unpatched Vulnerability : CVE-2018-13305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an...

DEBIAN-CVE-2025-57803

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...

UBUNTU-CVE-2025-57803

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...

CVE-2025-57803

ImageMagick is affected by CVE-2025-57803 on 32-bit builds via the BMP decoder (ReadBMP). In coders/bmp.c, the vulnerability arises when computing extent = image->columns × bits_per_pixel, which overflows a 32-bit size_t and collapses bytes_per_line to a small value, causing the per-row writer...