Lucene search
K

68 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in krb5

Kerberos 5 also known as krb5 1.21.2 contains a memory leak vulnerability in the file /krb5/src/lib/gssapi/krb5/k5sealv3.c...

7.5CVSS6.7AI score0.01128EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/17 9:7 a.m.7 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.2

The 1.21.2 GA release of Red Hat OpenShift Pipelines Operator.. For more details see product documentation. The 1.21.2 release of Red Hat OpenShift Pipelines Operator...

8.5CVSS7.8AI score0.00788EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/06/17 6:49 a.m.6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.2

The 1.21.2 GA release of Red Hat OpenShift Pipelines Operator.. For more details see product documentation. The 1.21.2 release of Red Hat OpenShift Pipelines Operator...

9.8CVSS5.2AI score0.01557EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2026/06/08 1:25 p.m.9 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.2

The 1.21.2 GA release of Red Hat OpenShift Pipelines Operator.. For more details see product documentation. The 1.21.2 release of Red Hat OpenShift Pipelines Operator...

9.6CVSS6.2AI score0.01557EPSS
Exploits2References7
OSV
OSV
added 2026/06/05 3:18 p.m.7 views

JLSEC-2026-571

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

6.5CVSS5.2AI score0.0032EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.10 views

PT-2026-49253

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples per chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor m last sample = 0 + 0 - 1 = UINT32 MAX, mapping all samples to an...

6.5CVSS5.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-41071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples...

8.1CVSS5.8AI score0.00302EPSS
Exploits1References3
NVD
NVD
added 2026/05/22 9:16 p.m.12 views

CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS0.00253EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/05/22 8:49 p.m.7 views

CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-32882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in...

7.1CVSS6AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.12 views

SUSE CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

6.5CVSS5.7AI score0.00301EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.14 views

SUSE CVE-2026-32741

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...

6.1CVSS5.9AI score0.00343EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 9:16 p.m.14 views

DEBIAN-CVE-2026-32741

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...

7.1CVSS5.9AI score0.00343EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 9:16 p.m.8 views

UBUNTU-CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References5
OSV
OSV
added 2026/05/19 8:16 p.m.6 views

UBUNTU-CVE-2026-32739

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

6.5CVSS5.7AI score0.0032EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/19 8:7 p.m.8 views

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 7:57 p.m.12 views

EUVD-2026-30982

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...

7.1CVSS5.9AI score0.00343EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 7:10 p.m.12 views

EUVD-2026-30975

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

6.5CVSS5.7AI score0.0032EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/19 7:10 p.m.44 views

CVE-2026-32739 libheif is Vulnerable to Infinite Loop DoS via stts Sample Duration Lookup

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Boxstts::getsampleduration, consuming 100% CPU indefinitely with zero progress, leading to DoS. The loop has no iteration limit or timeout and...

6.5CVSS0.0032EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/05/19 7:3 p.m.11 views

CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

6.5CVSS5.7AI score0.00301EPSS
Exploits1
Rows per page
Query Builder