3492 matches found
ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...
CVE-2026-46601
A flaw was found in the golang.org/x/image/webp library's WebP decoder. A remote attacker could exploit this vulnerability by providing a specially crafted WebP image containing a VP8 chunk with mismatched dimensions. This could cause the decoder to panic, leading to a denial of service DoS for...
SUSE SLES15: GraphicsMagick / GraphicsMagick-devel / libGraphicsMagick++-Q16-12 / etc (SUSE-SU-2026:2625-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2625-1 advisory. This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Tenable has extracte...
EUVD-2026-36180
ImageMagick has an Infinite Loop in subimage-search with crafted image...
SUSE-SU-2026:2625-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A out-of-bounds read vulnerability was discovered in Exiv2 versions v0.27.3 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a specially craft...
Astra Linux – Vulnerability in DjVuLibre
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by an infinite loop in GBitmap::readrleraw by creating a corrupted image file, which is related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in the ClonePixelCacheRepository function allowed a remote attacker to cause a denial of service by providing a crafted image file,...
Astra Linux – Vulnerability in Chromium
Using “after free” in the libavif library in Google Chrome before version 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption through a crafted image file. Chromium security severity: High...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A assertion failure occurs when Exiv2 is used to modify the metadata of a specially crafted image file. An attacker could potentially exploit this vulnerability to cause a...
Astra Linux – Vulnerability in TIF format
The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...
Astra Linux – Vulnerability in exiv2
In Exiv2 versions 0.27.1, an uncontrolled memory allocation for PngChunk::parseChunkContent allows an attacker to cause a denial of service crash due to a std::badalloc exception through a crafted PNG image file...
Astra Linux – Vulnerability in Pandoc
Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26 and earlier versions, the PngChunk::readRawProfile method in pngchunkint.cpp may cause a denial of service application crashes due to a heap-based buffer overflow from reading a malicious PNG file...
Astra Linux – Vulnerability in libjpeg-turbo
Libjpeg-turbo 1.5.2 has a NULL Pointer Dereference issue in files jdpostct.c and jquant1.c, due to a malicious JPEG file...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick version 7.0.11. In this version, an integer overflow in the WriteTHUMBNAILImage function in the coders/thumbnail.c file may lead to undefined behavior when processing a specially crafted image file submitted by an attacker. The greatest threat posed by this...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can lead to a out-of-bounds read in ntfsielookup in NTFS-3G before version 2021.8.22...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. This inefficient algorithm occurs when Exiv2 is used to write metadata into a...
Astra Linux – Vulnerability in imlib2
A vulnerability exists in the imlibfreeimageanddecache function of imlib2 v1.9.1, allowing attackers to cause a heap buffer overflow by parsing a crafted image...