16 matches found
CVE-2025-62821
Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...
PT-2026-50877
Name of the Vulnerable Software and Affected Versions Microsoft HEIF Image Extensions version 1.2.22.0 Description An out-of-bounds read occurs because the CHEIFItemInfoEntry GetDataSize function can return a success status while leaving the reported data size at 0. This leads a caller to perform...
CVE-2025-62821
CVE-2025-62821 affects Microsoft HEIF Image Extensions 1.2.22.0. The issue is an out-of-bounds read caused by CHEIFItemInfoEntry_GetDataSize returning success while reporting data size as 0, leading to a 1-byte allocation. Later, CopyPixels computes copy_size = stride * abs(roi_height) without va...
CVE-2025-62821
Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...
EUVD-2020-9056
Malware in sbrugna...
CVE-2022-24457
HEIF Image Extensions Remote Code Execution Vulnerability...
CVE-2022-24457
HEIF Image Extensions Remote Code Execution Vulnerability...
Remote code execution
HEIF Image Extensions Remote Code Execution Vulnerability...
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
...
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
...
HEIF Image Extensions Remote Code Execution Vulnerability
...
Microsoft Windows HEIF Image Extensions RCE (March 2022)
The Windows HEIF Image Extension app installed on the remote host is affected by a remote code execution vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted file...
CVE-2020-17101
HEIF Image Extensions Remote Code Execution Vulnerability...
CVE-2020-17101
HEIF Image Extensions Remote Code Execution Vulnerability...
CVE-2020-17101 HEIF Image Extensions Remote Code Execution Vulnerability
...
KLA12004 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of...