CVE-2026-43903

A flaw was found in OpenImageIO. A remote attacker could exploit this vulnerability by providing a specially crafted .sgi image file. This file, with a Run-Length Encoding RLE count exceeding the scanline width, can cause a heap buffer overflow. Successful exploitation leads to a denial of servic...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the sgiinput.cpp process when handling SGI RLE image files. An attacker can cause a heap buffer overflow and crash the application by supplying a crafted .sgi file with an RLE count exceeding the scanline width...

DEBIAN-CVE-2026-43903

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIODASSERT for bounds checking in the RLE decode loop. In release builds, OIIODASSERT compiles to voidsizeofx...

Apple macOS ImageIO SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

EUVD-2006-5852

Malware in sbrugna...

EUVD-2020-0133

Malware in sbrugna...

EUVD-2016-5587

Malware in sbrugna...

EUVD-2005-0763

Malware in sbrugna...

CVE-2024-35213

An improper input validation vulnerability in the SGI Image Codec of QNX SDP versions 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process...

CVE-2024-35213

An improper input validation vulnerability in the SGI Image Codec of QNX SDP versions 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process...

CVE-2024-35213 Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)

An improper input validation vulnerability in the SGI Image Codec of QNX SDP versions 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process...

CVE-2024-35213 Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)

An improper input validation vulnerability in the SGI Image Codec of QNX SDP versions 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process...

CVE-2024-35213

CVE-2024-35213 pertains to an improper input validation in the SGI Image Codec of BlackBerry QNX SDP, affecting versions 6.6, 7.0, and 7.1. The vulnerability could allow an attacker to cause a denial-of-service or execute code within the image processing process. Concrete technical details across...

BIT-PILLOW-2020-11538

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...

Rocky Linux 8 : python-pillow (RLSA-2020:3185)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:3185 advisory. - In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than...

SUSE CVE-2006-4144

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via large 1 bytesperpixel, 2 columns, and 3 rows values, which trigger a heap-based buffer overflow...

SUSE CVE-2006-5868

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image...

SUSE CVE-2017-15217

ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c...

SUSE CVE-2018-17965

ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c...

EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-1729)

According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.CVE-2020-5313 - An out-of-bounds write flaw was...