CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

CVE-2026-3748

A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a manipulation results in unrestricted upload. Remote exploitati...

CVE-2026-0660

CVE-2026-0660 describes a vulnerability where a malicious GIF file, parsed by Autodesk 3ds Max, can trigger a Stack-Based Buffer Overflow, allowing arbitrary code execution in the context of the current process. Affected product: Autodesk 3ds Max (explicitly noted in connected Nessus/Red Hat/CVE ...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

GIMP 缓冲区错误漏洞

GIMP is an open source bitmap image editor from the GIMP team. GIMP suffers from a buffer error vulnerability that stems from unvalidated user data during FLI file parsing, which could lead to out-of-bounds writes and remote code execution...

The png_convert_to_rfc1123 function in png.c allows remote attackers to obtain sensitive process memory information

...

SUSE CVE-2011-2692

The pnghandlesCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly have...

SUSE CVE-2015-1860

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a crafted GIF image...

Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. An out-of-bounds read vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2. The vulnerability stems from a...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

Format string

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...

CVE-2021-25345

CVE-2021-25345 concerns Samsung hwcomposer. Descriptions across sources identify a graphics format mismatch when hwcomposer converts video formats, occurring prior to SMR Mar-2021 Release 1, which results in a kernel panic due to an unsupported format. The vulnerability is tied to the hwcomposer ...

CVE-2020-13561

An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

advancecomp: integer overflow in png_compress in pngex.cc

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component

Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents. A Zero-day Remote code execution flaw, which has been dubbed CVE-2013-3906, exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office...

Libpng库未知类型块处理远程代码执行漏洞

BUGTRAQ ID: 28770 CVECAN ID: CVE-2008-1382 libpng是多种应用程序所使用的解析PNG图形格式的函数库。 libpng库在处理畸形格式的PNG文件时存在漏洞，成功利用此漏洞允许本地攻击者读取敏感信息、导致拒绝服务或执行任意指令。 libpng库没有正确地处理未知类型的PNG块，如果使用该库的应用程序在特定情况下调用了pngsetreaduserchunkfn或pngsetkeepunknownchunks函数的话，长度为0的PNG块就会导致通过free调用使用未初始化的内存。 0 libpng libpng 1.2.0 - 1.2.26...

Fedora 7 : openoffice.org-2.2.1-18.2.fc7 (2007-2372)

This security updates addresses CVE-2007-2834 a flaw in how openoffice.org handles corrupt TIFF graphic format file headers Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

Fedora Core 6 : openoffice.org-2.0.4-5.5.24 (2007-700)

This security updates addresses CVE-2007-2834 a flaw in how openoffice.org handles corrupt TIFF graphic format file headers Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...