Lucene search
K

123 matches found

OSV
OSV
added 2026/06/24 11:55 a.m.2 views

SUSE-SU-2026:2622-1 Security update for libheif

This update for libheif fixes the following issues Update to 1.23.0: - CVE-2025-68431: heap buffer over-read in HeifPixelImage: overlay via crafted HEIF that exercises the overlay image item bsc1255735. - CVE-2026-3950: manipulation of the component stsz/stts can lead to out-of-bounds read...

8.8CVSS6.1AI score0.00514EPSS
Exploits6References45
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:57 a.m.10 views

Malicious code in @mastra/chroma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18696e99554013ec1bb0d7a66c97f48ee65edc6cc6f8f2d4f6c9e26d88268fe The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 4:57 a.m.4 views

MAL-2026-6005 Malicious code in @mastra/chroma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18696e99554013ec1bb0d7a66c97f48ee65edc6cc6f8f2d4f6c9e26d88268fe The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/05 3:18 p.m.10 views

JLSEC-2026-572

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.3AI score0.00514EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.11 views

PT-2026-49255

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.20 views

PT-2026-44332

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An inconsistency exists in the calculation of sub-sampled plane dimensions within the drm gem fb init with funcs function. While the framebuffer check function uses DIV ROUND UP to round up...

7.8CVSS5.9AI score0.00139EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.18 views

SUSE CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

7.8CVSS5.8AI score0.00514EPSS
Exploits1References5
Snyk
Snyk
added 2026/05/19 9:51 p.m.9 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...

8.8CVSS6.2AI score0.00514EPSS
Exploits1References2
OSV
OSV
added 2026/05/19 8:16 p.m.9 views

DEBIAN-CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References1
OSV
OSV
added 2026/05/19 8:16 p.m.6 views

ALPINE-CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.3AI score0.00514EPSS
Exploits1References1
NVD
NVD
added 2026/05/19 8:16 p.m.27 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS0.00514EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/05/19 8:16 p.m.10 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.9AI score0.00514EPSS
Exploits1References3
OSV
OSV
added 2026/05/19 8:16 p.m.17 views

UBUNTU-CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/19 7:22 p.m.7 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/19 7:22 p.m.9 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/05/19 7:22 p.m.8 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References2
CVE
CVE
added 2026/05/19 7:22 p.m.61 views

CVE-2026-32740

libheif (HEIF/AVIF decoder/encoder) versions

8.8CVSS5.8AI score0.00514EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/19 7:22 p.m.12 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1
OSV
OSV
added 2026/05/19 7:22 p.m.2 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.9AI score0.00514EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/19 7:22 p.m.43 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS0.00514EPSS
Exploits1References2
Rows per page
Query Builder