
83 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2021-34074

Malicious code in bioql PyPI...

5.5 CVSS | 5.8 AI score | 0.00034 EPSS
Exploits: 0 | References: 3

Veracode
added 2025/09/23 10:17 a.m. | 4 views

Denial Of Service (DoS)

ImageMagick is vulnerable to Denial of Service. The vulnerability is due to improper handling of geometry strings containing only a colon ":", which sets width/height to zero and leads to a divide-by-zero error, which allows an attacker to crash the application via a crafted input...

7.5 CVSS | 6.7 AI score | 0.00392 EPSS
Exploits: 1 | References: 8 | Affected Software: 18

Tenable Nessus
added 2025/08/30 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-41160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger ou...

8.8 CVSS | 6.6 AI score | 0.00115 EPSS
Exploits: 0 | References: 2

AlpineLinux
added 2025/08/26 4:43 p.m. | 1 views

CVE-2025-55212

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zer...

7.5 CVSS | 7.1 AI score | 0.00392 EPSS
Exploits: 1

Github Security Blog
added 2025/08/26 3:27 p.m. | 4 views

ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash

Summary Passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zero dimensions, triggering a crash SIGFPE/abort, resulting in a denial of service. Details Root Cause 1. montage -geometry ":"...

7.5 CVSS | 6.2 AI score | 0.00392 EPSS
Exploits: 1 | References: 8 | Affected Software: 18

Snyk
added 2025/05/14 6:44 p.m. | 3 views

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero via the startinputtga function in rdtarga.c. An attacker can cause a denial of service by sending an image with a zero width or height, resulting in a SIGFPE. Remediation A fix was pushed into the master branch but not...

8.7 CVSS | 6.8 AI score | 0.00987 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/05 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2021-4216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Floating point exception division-by-zero flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream. CVE-2021-4216...

5.5 CVSS | 6.1 AI score | 0.00034 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2024/11/12 9:36 a.m. | 2 views

freerdp: freerdp_image_copy out of bound read

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS | 5.8 AI score | 0.00319 EPSS
Exploits: 0 | References: 5

OSV
added 2024/10/24 6:27 p.m. | 1 views

GHSA-MPCW-3J5P-P99X Butterfly's parseJSON, getJSON functions eval malicious input, leading to remote code execution (RCE)

Summary Usage of the Butterfly.prototype.parseJSON or getJSON functions on an attacker-controlled crafted input string allows the attacker to execute arbitrary JavaScript code on the server. Since Butterfly JavaScript code has access to Java classes, it can run arbitrary programs. Details The...

6.2 AI score
Exploits: 0 | References: 3

SUSE CVE
added 2024/04/24 11:12 p.m. | 2 views

SUSE CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

7.1 CVSS | 9.2 AI score | 0.00319 EPSS
Exploits: 0 | References: 7

AlpineLinux
added 2024/04/23 8:15 p.m. | 1 views

CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS | 6.9 AI score | 0.00319 EPSS
Exploits: 0 | References: 8

OSV
added 2024/04/23 8:15 p.m. | 1 views

DEBIAN-CVE-2024-32659

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if nWidth == 0 and nHeight == 0. Version 3.5.1 contains a patch for the issue. No known workarounds are available...

9.8 CVSS | 7.2 AI score | 0.00319 EPSS
Exploits: 0 | References: 1

Github Security Blog
added 2023/09/05 6:30 a.m. | 17 views

Index out of bounds leading to crash

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

5.5 CVSS | 7.1 AI score | 0.00036 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2023/09/05 5:15 a.m. | 4 views

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

5.5 CVSS | 5.5 AI score
Exploits: 0 | References: 1

ATTACKERKB
added 2023/09/05 5:15 a.m. | 1 views

CVE-2023-36307

ZPLGFA 1.1.1 allows attackers to cause a panic because of an integer index out of range during a ConvertToGraphicField call via an image of zero width. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence...

5.5 CVSS | 6.1 AI score | 0.00036 EPSS
Exploits: 1 | References: 2

CNNVD
added 2023/09/05 12:0 a.m. | 1 views

ZPLGFA Input Validation Error Vulnerability

ZPLGFA is a Go package from Simon Waldherr's personal developer. It is used to convert PNG, JPEG and GIF encoded graphic files into ZPL compatible ^GF elements graphic fields. A security vulnerability exists in ZPLGFA version 1.1.1, which stems from allowing an attacker to cause a panic with a...

5.5 CVSS | 6.8 AI score | 0.00036 EPSS
Exploits: 1 | References: 1

CVE
added 2023/09/05 12:0 a.m. | 36 views

CVE-2023-36307

CVE-2023-36307 affects ZPLGFA 1.1.1. The root cause is an integer index out of range in ConvertToGraphicField when processing a zero-width image, causing a panic/crash. The description notes unclear security consequences in typical use. Remediation hints from PT-2023-25522 suggest avoiding zero-w...

5.5 CVSS | 5.4 AI score | 0.00036 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Positive Technologies
added 2023/09/04 12:0 a.m. | 2 views

PT-2023-25522 · Zplgfa · Zplgfa

Name of the Vulnerable Software and Affected Versions: ZPLGFA version 1.1.1 Description: The issue allows attackers to cause a panic due to an integer index out of range during a ConvertToGraphicField call via an image of zero width. It is unclear whether there are common use cases in which this...

5.5 CVSS | 7 AI score | 0.00036 EPSS
Exploits: 1 | References: 9

SUSE CVE
added 2023/02/15 6:17 a.m. | 2 views

SUSE CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

7.5 CVSS | 7.7 AI score | 0.06958 EPSS
Exploits: 0 | References: 5

SUSE CVE
added 2023/02/15 6:13 a.m. | 3 views

SUSE CVE-2007-0243

Buffer overflow in Sun JDK and Java Runtime Environment JRE 5.0 Update 9 and earlier, SDK and JRE 1.4.212 and earlier, and SDK and JRE 1.3.118 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption...

6.8 CVSS | 7.5 AI score | 0.42821 EPSS
Exploits: 1 | References: 4