CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

PT-2026-50877

Name of the Vulnerable Software and Affected Versions Microsoft HEIF Image Extensions version 1.2.22.0 Description An out-of-bounds read occurs because the CHEIFItemInfoEntry GetDataSize function can return a success status while leaving the reported data size at 0. This leads a caller to perform...

CVE-2025-62821

CVE-2025-62821 affects Microsoft HEIF Image Extensions 1.2.22.0. The issue is an out-of-bounds read caused by CHEIFItemInfoEntry_GetDataSize returning success while reporting data size as 0, leading to a 1-byte allocation. Later, CopyPixels computes copy_size = stride * abs(roi_height) without va...

EUVD-2020-9056

Malware in sbrugna...

EUVD-2022-29339

Malicious code in bioql PyPI...

CVE-2025-29769 libvips has a potential heap-based buffer overflow when attempting to convert multiband TIFF input to HEIF output

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...

tifig 资源管理错误漏洞

tifig is a Monostream open source fast HEIF image converter for thumbnails. A security vulnerability exists in tifig version v0.2.2, which stems from a heap-release reuse of its temInfoEntry function...

tifig 安全漏洞

tifig is Monostream open source a fast HEIF image converter for thumbnails. tifig v0.2.2 version has a security vulnerability , the vulnerability stems from its /asan/asannewdelete.cpp component in the new has a memory leak...

CVE-2022-24457

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2022-24457

HEIF Image Extensions Remote Code Execution Vulnerability...

Remote code execution

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability

...

CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability

...

March 2022 Patch Tuesday: Microsoft Releases 92 Vulnerabilities with 3 Critical; Adobe Releases 3 Advisories, 6 Vulnerabilities with 5 Critical.

Microsoft Patch Tuesday Summary Microsoft has fixed 92 vulnerabilities, including 21 Microsoft Edge vulnerabilities, in the March 2022 update, with three 3 classified as Critical as they allow Remote Code Execution RCE. This months Patch Tuesday release includes fixes for three 3 publicly disclos...

HEIF Image Extensions Remote Code Execution Vulnerability

...

Microsoft Windows HEIF Image Extensions RCE (March 2022)

The Windows HEIF Image Extension app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file...

Heif 缓冲区错误漏洞

HEIF refers to High Efficiency Image File Format, a file format for single images or image sequences. hevcDecoderConfigurationRecord::getPicHeight function in hevcdecoderconfigrecord.cpp in HEIF 3.6.2 and earlier versions A global buffer overflow vulnerability exists. An attacker can exploit this...

CVE-2020-17101

HEIF Image Extensions Remote Code Execution Vulnerability...

CVE-2020-17101

HEIF Image Extensions Remote Code Execution Vulnerability...