diff --git a/extractor/filesystem/embeddedfs/qcow2/format.go b/extractor/filesystem/embeddedfs/qcow2/format.go
index 104fd120c..8e749d58d 100644
--- a/extractor/filesystem/embeddedfs/qcow2/format.go
+++ b/extractor/filesystem/embeddedfs/qcow2/format.go
@@ -191,6 +191,9 @@ func parseHeader(reader io.Reader) (*header, []headerExtension, error) {
 }
 
 func readL1Table(header *header, reader io.ReaderAt) ([]uint64, error) {
+	if header.ClusterBits < 9 || header.ClusterBits > 21 {
+		return nil, fmt.Errorf("invalid ClusterBits value: %d", header.ClusterBits)
+	}
 	l1Table := make([]uint64, header.L1Size)
 	buf := make([]byte, header.L1Size*8)
 	if _, err := reader.ReadAt(buf, int64(header.L1TableOffset)); err != nil {
@@ -203,6 +206,9 @@ func readL1Table(header *header, reader io.ReaderAt) ([]uint64, error) {
 }
 
 func readL2Table(l1Entry uint64, header *header, reader io.ReaderAt) ([]uint64, error) {
+	if header.ClusterBits < 9 || header.ClusterBits > 21 {
+		return nil, fmt.Errorf("invalid ClusterBits value: %d", header.ClusterBits)
+	}
 	if l1Entry == 0 {
 		return nil, nil
 	}
diff --git a/extractor/filesystem/embeddedfs/vdi/vdi.go b/extractor/filesystem/embeddedfs/vdi/vdi.go
index afa3199b8..693ae386d 100644
--- a/extractor/filesystem/embeddedfs/vdi/vdi.go
+++ b/extractor/filesystem/embeddedfs/vdi/vdi.go
@@ -194,6 +194,9 @@ func convertVDIToRaw(in io.Reader, out io.Writer) error {
 			curPos = int64(hdr.OffsetBmap)
 		}
 
+		if hdr.BlocksInImage > 2*1024*1024 {
+			return fmt.Errorf("BlocksInImage %d exceeds maximum allowed value", hdr.BlocksInImage)
+		}
 		indices := make([]uint32, hdr.BlocksInImage)
 		if err := binary.Read(in, binary.LittleEndian, &indices); err != nil {
 			return fmt.Errorf("failed to read block map: %w", err)
diff --git a/extractor/filesystem/embeddedfs/vmdk/vmdk.go b/extractor/filesystem/embeddedfs/vmdk/vmdk.go
index df9919437..dc1175c79 100644
--- a/extractor/filesystem/embeddedfs/vmdk/vmdk.go
+++ b/extractor/filesystem/embeddedfs/vmdk/vmdk.go
@@ -414,12 +414,12 @@ func getGDGT(hdr sparseExtentHeader) (*gdgtInfo, error) {
 	GTs := uint32((GTEs + uint64(hdr.NumGTEsPerGT) - 1) / uint64(hdr.NumGTEsPerGT))
 	GDsectors := uint32((uint64(GTs)*4 + SectorSize - 1) / SectorSize)
 	GTsectors := uint32((uint64(hdr.NumGTEsPerGT)*4 + SectorSize - 1) / SectorSize)
-	totalSectors := int64(GDsectors + GTsectors*GTs)
+	totalSectors := int64(GDsectors) + int64(GTsectors)*int64(GTs)
 	totalBytes := totalSectors * SectorSize
 	if totalBytes > 1<<31 {
 		return nil, fmt.Errorf("gd/gt allocation too large: %d bytes", totalBytes)
 	}
-	gdarr := make([]uint32, (GDsectors*SectorSize)/4+(GTsectors*GTs*SectorSize)/4)
+	gdarr := make([]uint32, (int64(GDsectors)*SectorSize/4)+(int64(GTsectors)*int64(GTs)*SectorSize/4))
 	info := &gdgtInfo{
 		GTEs:      GTEs,
 		GTs:       GTs,