webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

GHSA-9Q78-27F3-2JMH webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

CVE-2025-57803

A flaw was found in ImageMagick. In 32-bit builds, the Bitmap encoder miscalculates the stride value when processing images with very large with. Mathematically, the stride value is calculated as width multiplied by 3 but the theoretical limit of such value is 2^32 for 32-bit integers. So, if thi...

Linux Distros Unpatched Vulnerability : CVE-2025-1594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c...

Linux Distros Unpatched Vulnerability : CVE-2018-13305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an...

DEBIAN-CVE-2025-57803

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...

UBUNTU-CVE-2025-57803

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...

CVE-2025-57803

ImageMagick is affected by CVE-2025-57803 on 32-bit builds via the BMP decoder (ReadBMP). In coders/bmp.c, the vulnerability arises when computing extent = image->columns × bits_per_pixel, which overflows a 32-bit size_t and collapses bytes_per_line to a small value, causing the per-row writer...

CVE-2025-57803

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...

ImageMagick 安全漏洞

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert, or write images in a variety of formats. A security vulnerability exists in ImageMagick versions prior to 6.9.13-28 and prior to 7.1.2-2, which stems from a 32-bit integer overflow ...

Attackers Strike Back? Not Anymore -- an Ensemble of RL Defenders Awakens for APT Detection

Advanced Persistent Threats APTs represent a growing menace to modern digital infrastructure. Unlike traditional cyberattacks, APTs are stealthy, adaptive, and long-lasting, often bypassing signature-based detection systems. This paper introduces a novel framework for APT detection that unites de...

PT-2025-34799

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-28 and 7.1.2-2 Description ImageMagick is free and open-source software used for editing and manipulating digital images. A 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses...

Astra Linux – Vulnerability in ffmpeg

A vulnerability, classified as critical, was discovered in FFmpeg version 7.1. This vulnerability affects the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder component. The vulnerability allows for a stack-based buffer overflow attack. The attack can be initiated...

DEBIAN-CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

UBUNTU-CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

CVE-2025-9300 saitoha libsixel img2sixel encoder.c sixel_debug_print_palette stack-based overflow

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

Linux Distros Unpatched Vulnerability : CVE-2023-50010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ffgradfunblurlinemovdqasse2, as demonstrated by a call to the setencoderid function in...

Linux Distros Unpatched Vulnerability : CVE-2020-27842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a...

OSV-2025-634 Null-dereference READ in [email protected]

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438294044 Crash type: Null-dereference READ Crash state: [email protected]...