Lucene search
K

62 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in openjpeg in versions prior to 2.4.0, located in src/lib/openjp2/pi.c. When an attacker can provide crafted input that is processed by the openjpeg encoder, it may lead to an out-of-bounds read. The most significant impact of this flaw is the application’s availability...

5.5CVSS6.7AI score0.01384EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-50984

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to provide crafted video frame pixels that overlap with internal encoder layer...

7.1CVSS6AI score0.00399EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-50981

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description A heap buffer overflow occurs in the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode allows the first-pass stats ring buffer wrap-around guard to...

7.6CVSS6.2AI score0.00275EPSS
Exploits0References32
Snyk
Snyk
added 2026/05/21 9:42 p.m.10 views

Off-by-one Error

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/18 8:37 p.m.11 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.9 views

Infinite loop

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00111EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/18 3:31 p.m.11 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 12:12 a.m.15 views

Netty has a DNS Codec Input Validation Bypass (Encoder + Decoder)

Security Vulnerability Report: DNS Codec Input Validation Bypass in Netty Encoder + Decoder 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions with codec-dns | | Component | io.netty.handler.codec.dns.DnsCodecUtil | |...

9.1CVSS5.8AI score0.00818EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/04/14 11:32 p.m.6 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/14 11:32 p.m.9 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/07 12:24 p.m.3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in...

8.8CVSS6.1AI score0.00475EPSS
Exploits0References90
Amazon
Amazon
added 2026/04/01 12:0 a.m.10 views

Important: ImageMagick

Issue Overview: A flaw was found in ImageMagick. An integer overflow vulnerability exists in the SIXEL decoder, which allows a remote attacker to perform an out-of-bounds write via a specially crafted image. This can lead to a Denial of Service DoS and potentially information disclosure...

8.1CVSS6.5AI score0.00353EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/03/20 1:41 p.m.7 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference bsc1259455. CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write bsc1259467. Patch...

8.8CVSS6AI score0.00353EPSS
Exploits0References8
OSV
OSV
added 2026/03/12 2:11 p.m.1 views

GHSA-XXW5-M53X-J38C ImageMagick has heap use-after-free in the MSL encoder

A heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. SUMMARY: AddressSanitizer: heap-use-after-free MagickCore/image.c:1195 in DestroyImage Shadow bytes around t...

4CVSS5.7AI score0.00193EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/12 2:11 p.m.6 views

ImageMagick has heap use-after-free in the MSL encoder

A heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. SUMMARY: AddressSanitizer: heap-use-after-free MagickCore/image.c:1195 in DestroyImage Shadow bytes around t...

5.3CVSS5.7AI score0.00193EPSS
Exploits0References4Affected Software19
Cvelist
Cvelist
added 2026/03/09 9:50 p.m.47 views

CVE-2026-30937 ImageMagick has a heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a 32-bit unsigned integer overflow in the XWD X Windows encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of...

6.8CVSS0.00099EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/09 9:38 p.m.4 views

Use After Free

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/09 9:38 p.m.3 views

Use After Free

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/09 9:38 p.m.5 views

Use After Free

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
Rows per page
Query Builder