EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

CVE-2026-52719

GStreamer: out-of-bounds read in the VA JPEG decoder of gst-plugins-bad (CVE-2026-52719). The JPEG parser reads a segment length without validating against available data, enabling a remote attacker to craft a JPEG that, when opened by a user, may cause parsing to read beyond the input buffer, po...

RockyLinux 10 : gdk-pixbuf2 (RLSA-2026:19127)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19127 advisory. gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVE-2026-5201 Tenable has extracted the...

RLSA-2026:19127 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

Astra Linux - уязвимость в libstb

Buffer overflow vulnerability in the function stbiextendreceive in stbimage.h in stb 2.26, caused by a crafted JPEG file...

RLSA-2026:19210 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

gdk-pixbuf2 security update

An update is available for gdk-pixbuf2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gdk-pixbuf2 packages provide an image loading library that can be...

Important: Red Hat Security Advisory: gdk-pixbuf2 security update

An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

RHEL 9 : gdk-pixbuf2 (RHSA-2026:19210)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19210 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits suc...

RHEL 10 : gdk-pixbuf2 (RHSA-2026:19127)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19127 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits su...

ALSA-2026:19127 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

SUSE CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

CVE-2026-8535

CVE-2026-8535 describes an out-of-bounds read in the Media component of Google Chrome on Linux and ChromeOS, exploitable when a renderer process is compromised and a crafted JPEG is processed. The issue could allow a remote attacker to read potentially sensitive data from process memory. Affected...

CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

EUVD-2026-30449

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-8535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...