17 matches found
CVE-2026-40915
A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel...
EUVD-2017-3363
Malware in sbrugna...
EUVD-2009-0262
Malware in sbrugna...
SUSE CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
NASA CFITSIO Buffer Overflow Vulnerability
NASA CFITSIO is a FITS file subroutine library that is primarily used to read and write data files in the FITS Flexible Image Transfer System format. A buffer overflow vulnerability exists in NASA CFITSIO versions prior to 3.43. The vulnerability stems from a networked system or product performin...
The vulnerability of the GetImageDepth function in MagickCore/attribute.c, a console-based graphic editor for ImageMagick, allows a hacker to cause a service failure.
The vulnerability of the GetImageDepth function in MagickCore/attribute.c of the ImageMagick console graphic editor is related to the writing of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to cause a service failure rereading of the buffer in dynami...
CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
Heap overflow
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
CVE-2017-11753
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service heap-based buffer over-read via a crafted Flexible Image Transport System FITS file...
CVE-2017-11753
CVE-2017-11753 affects ImageMagick; the GetImageDepth function in MagickCore/attribute.c may cause a heap-based buffer over-read when processing a crafted FITS file, potentially enabling denial of service. Affected version noted as ImageMagick 7.0.6-4 in the provided document. No exploit details ...
CVE-2009-0254
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System FITS file. NOTE: some of these details are obtained from third party information...
CVE-2009-0254
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System FITS file. NOTE: some of these details are obtained from third party information...
CVE-2009-0254
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System FITS file. NOTE: some of these details are obtained from third party information...
CVE-2009-0254
CVE-2009-0254 involves a stack-based buffer overflow in easyHDR PRO 1.60.2 triggered by processing an invalid FITS file. The vulnerability could allow a user‑assisted attacker to execute arbitrary code, with the NVD entry modeling it as a network‑vector issue and providing a high impact. The conn...