9 matches found
CVE-2025-53510
The CVE-2025-53510 entry concerns the SAIL Image Decoding Library (v0.9.8) PSD image decoding path. A memory corruption occurs when decoding a specially crafted PSD: an integer overflow in stride calculation triggers a heap-based buffer overflow, enabling remote code execution after the library r...
CVE-2025-32468
CVE-2025-32468 : A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp, an integer overflow occurs during stride calculation, leading to a heap-based buffer overflow during decoding and p...
CVE-2025-46407
The CVE-2025-46407 entry concerns a memory corruption vulnerability in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. The root cause is an integer overflow while reading the palette from a specially crafted BMP file, which can overflow a heap-based buffer. Thi...
CVE-2025-50129
The CVE-2025-50129 entry concerns the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. A memory corruption vulnerability exists in the PCX/ TGA decoding path that can trigger a heap-based buffer overflow when processing specially crafted .tga image data, enabling remote...
CVE-2025-53085
CVE-2025-53085 impacts the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8 . The vulnerability is described as a memory corruption causing a heap-based buffer overflow when decompressing image data from a specially crafted PSD file, enabling remote code execution. Exploit...
CVE-2025-35984
An active CVE affecting the SAIL Image Decoding Library (PCX decoding). A memory corruption in the PCX image decoding functionality (SAIL Image Decoding Library v0.9.8) causes a heap-based buffer overflow when processing specially crafted PCX data, enabling remote code execution. The attack requi...
CVE-2025-52456
The CVE-2025-52456 entry describes a memory corruption in the WebP decoding path of the SAIL Image Decoding Library v0.9.8. Specifically, an integer overflow during stride calculation in the WebP animation decoding can overflow a heap buffer, enabling remote code execution when a crafted file is ...
CVE-2025-52930
CVE-2025-52930 affects the BMPv3 RLE Decoding functionality in the SAIL Image Decoding Library v0.9.8 . A memory corruption due to a heap-based buffer overflow during BMP data decompression can lead to remote code execution if an attacker can induce the library to read a specially crafted BMP fil...
CVE-2026-27168
SAIL’s XWD codec vulnerability (CVE-2026-27168) causes a heap-based buffer overflow by reading bytes_per_line directly from the XWD file without validating it against the destination buffer size. EUVD-2026-23644 details a related but distinct issue in the same library where, for pixmap_depth=8, b...