CVE-2026-33901

ImageMagick exposes a heap buffer overflow in the MVG decoder when processing crafted images, affecting versions prior to 6.9.13-44 and 7.1.2-19. Red Hat documents it as enabling a DoS via remote processing of a specially crafted image; NVD and CVE listings describe an out-of-bounds write in MVG ...

CVE-2026-33901

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

CVE-2026-33901

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow bsc1259456. Patch Instructions: To install this SUSE update u...

SUSE-SU-2026:1300-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: - CVE-2026-26284: heap overflow in pcd decoder leads to out of bounds read bsc1258765. - CVE-2026-28690: missing bounds check in the MNG encoder can lead to a stack buffer overflow bsc1259456...

DEBIAN-CVE-2026-30997

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

JLSEC-2026-80

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

JLSEC-2026-81

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

PT-2026-32368

Name of the Vulnerable Software and Affected Versions FFmpeg version 8.0.1 Description An out-of-bounds read occurs in the read global param function within the libavcodec/av1dec.c component. This issue allows attackers to cause a Denial of Service DoS by providing a crafted input. Recommendation...

CVE-2026-30997

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

PT-2026-32525

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-19 ImageMagick versions prior to 6.9.13-44 Description A heap buffer overflow occurs in the MVG decoder, which can lead to an out of bounds write when processing a specially crafted image. A heap buffer...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained a buffer error vulnerability. This vulnerability stemmed from a heap...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 contained security vulnerabilities. These vulnerabilities stemmed from errors in the MSL decoder...

PT-2026-32544

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-19 Description An off-by-one error in the MSL decoder can cause a crash when reading a malicious MSL file. Recommendations Update to version 7.1.2-19...

OESA-2026-1853 xz security update

XZ Utils is free general-purpose data compression software with a high compression ratio. XZ Utils were written for POSIX-like systems, but also work on some not-so-POSIX systems. XZ Utils are the successor to LZMA Utils. Security Fixes: XZ Utils provide a general-purpose data-compression library...

OESA-2026-1844 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

OESA-2026-1842 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

OESA-2026-1841 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

OESA-2026-1840 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...