Lucene search
182 matches found

AlpineLinux
added 2025/08/26 4:43 p.m. · 1 view

CVE-2025-55212

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zer...

7.5 CVSS · 7.1 AI score · 0.00858 EPSS
Exploits 1

Github Security Blog
added 2025/08/26 3:27 p.m. · 5 views

ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash

Summary Passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zero dimensions, triggering a crash SIGFPE/abort, resulting in a denial of service. Details Root Cause 1. montage -geometry ":"...

7.5 CVSS · 6.2 AI score · 0.00858 EPSS
Exploits 1 · References 8 · Affected Software 18

Tenable Nessus
added 2025/08/26 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-17081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause...

6.5 CVSS · 6.8 AI score · 0.01827 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/08/25 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-13962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly...

9.8 CVSS · 7.7 AI score · 0.0357 EPSS
Exploits 1 · References 2

RedHat Linux
added 2025/08/20 9:5 a.m. · 14 views

libvpx: Integer overflow in vpx_img_alloc()

A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...

9.1 CVSS · 5.7 AI score · 0.00814 EPSS
Exploits 1 · References 4

SUSE CVE
added 2025/06/19 3:39 a.m. · 3 views

SUSE CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS · 6.8 AI score · 0.00202 EPSS
Exploits 0 · References 3

OSV
added 2025/06/18 11:15 a.m. · 5 views

DEBIAN-CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

7.1 CVSS · 6.6 AI score · 0.00202 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/04/07 12:0 a.m. · 4 views

PT-2025-15235 · Unknown · Tarteaucitron.Js

Name of the Vulnerable Software and Affected Versions: tarteaucitron.js versions prior to 1.20.1 Description: A vulnerability was identified in tarteaucitron.js where user-controlled inputs for element dimensions width and height were not properly validated. This allowed an attacker with direct...

5.5 CVSS · 7.3 AI score · 0.00219 EPSS
Exploits 0 · References 10

OSV
added 2025/03/31 9:15 p.m. · 4 views

UBUNTU-CVE-2025-3016

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument...

6.5 CVSS · 4.9 AI score · 0.00541 EPSS
Exploits 1 · References 8

CNNVD
added 2025/01/24 12:0 a.m. · 4 views

bootplus Resource Management Error Vulnerability

bootplus is a privilege management framework by JoeyBling Personal Developer. A resource management error vulnerability exists in bootplus, which stems from the parameter w/h in the file src/main/java/io/github/controller/QrCodeController.java that causes resource consumption...

6.9 CVSS · 5.6 AI score · 0.0067 EPSS
Exploits 0 · References 6

RedHat Linux
added 2024/11/12 9:36 a.m. · 7 views

freerdp: freerdp_image_copy out of bound read

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS · 5.8 AI score · 0.01193 EPSS
Exploits 0 · References 5

OSV
added 2024/06/05 8:15 p.m. · 2 views

ALPINE-CVE-2024-5171

Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aom_img_alloc with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

9.8 CVSS · 8.5 AI score · 0.01254 EPSS
Exploits 1 · References 1

RedHat Linux
added 2024/04/30 10:33 a.m. · 7 views

freerdp: invalid offset validation leading to Out Of Bound Write

A flaw was found in FreeRDP. An out-of-bounds write may occur when the values rect->left and rect->top are exactly equal to surface->width and surface->height, e.g. rect->left == surface->width && rect->top == surface->height. This issue can result in a crash...

9.8 CVSS · 5.7 AI score · 0.01297 EPSS
Exploits 1 · References 5

SUSE CVE
added 2024/04/24 11:12 p.m. · 2 views

SUSE CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

7.1 CVSS · 9.2 AI score · 0.01193 EPSS
Exploits 0 · References 7

AlpineLinux
added 2024/04/23 8:15 p.m. · 1 view

CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS · 6.9 AI score · 0.01193 EPSS
Exploits 0 · References 8

OSV
added 2024/04/23 8:15 p.m. · 1 view

DEBIAN-CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS · 7.2 AI score · 0.01193 EPSS
Exploits 0 · References 1

RedHat Linux
added 2024/01/25 8:13 a.m. · 1 view

kernel: fbcon: shift-out-of-bounds in fbcon_set_font()

A flaw was found in the Framebuffer Console fbcon in the Linux Kernel. When providing a font-width and font-height greater than 32 to the fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs, leading to undefined behavior and possible denial of service...

5.5 CVSS · 6.6 AI score · 0.00206 EPSS
Exploits 0 · References 4

OSV
added 2024/01/11 9:15 a.m. · 3 views

CVE-2023-6684

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ive' shortcode in versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on 'width' and 'height' user supplied attribute. This makes it possib...

5.4 CVSS · 6 AI score
Exploits 0 · References 3

CNNVD
added 2024/01/11 12:0 a.m. · 3 views

WordPress Plugin Ibtana Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

6.4 CVSS · 8.3 AI score · 0.00436 EPSS
Exploits 0 · References 4

Positive Technologies
added 2024/01/11 12:0 a.m. · 5 views

PT-2024-15049 · WordPress · Ibtana

Name of the Vulnerable Software and Affected Versions: Ibtana – WordPress Website Builder plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is related to Stored Cross-Site Scripting via the 'ive' shortcode due to insufficient input sanitization and output escaping o...

6.4 CVSS · 5.5 AI score · 0.00436 EPSS
Exploits 0 · References 6