UBUNTU-CVE-2025-39820

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpuencoderneedsmodeset The drmatomicgetnewconnectorstate can return NULL if the connector is not part of the atomic state. Add a check to prevent a NULL pointer dereference. This follows the...

SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2025:03219-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03219-1 advisory. - CVE-2025-8835: missing range check in the JPEG-2000 JPC Encoder leads to assertion failure and crash when...

Security update for jasper

This update for jasper fixes the following issues: CVE-2025-8835: missing range check in the JPEG-2000 JPC Encoder leads to assertion failure and crash when processing a malformed JPEG2000 image with an invalid cblkwidth parameter bsc1247904. CVE-2025-8836: out-of-bounds array indexing in functio...

SUSE-SU-2025:03219-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2025-8835: missing range check in the JPEG-2000 JPC Encoder leads to assertion failure and crash when processing a malformed JPEG2000 image with an invalid cblkwidth parameter bsc1247904. - CVE-2025-8836: out-of-bounds array indexing in...

[SECURITY] Fedora 43 Update: perl-Cpanel-JSON-XS-4.40-1.fc43

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...

[SECURITY] Fedora 43 Update: libsixel-1.10.5-4.fc43

An encoder/decoder implementation for DEC SIXEL graphics...

Linux Distros Unpatched Vulnerability : CVE-2020-36120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow in the sixelencoderencodebytes function of Libsixel v1.8.6 allows attackers to cause a Denial of Service DoS. CVE-2020-36120 Note that Nessus...

ROS-20250905-10

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

ROS-20250905-09

Vulnerability of ImageMagick console graphic editor related to integer overflow on BMP encoder step calculation. calculation of BMP encoder bitmap string step. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'

...

[SECURITY] Fedora 41 Update: libsixel-1.10.5-3.fc41

An encoder/decoder implementation for DEC SIXEL graphics...

[SECURITY] Fedora 42 Update: libsixel-1.10.5-4.fc42

An encoder/decoder implementation for DEC SIXEL graphics...

Linux Distros Unpatched Vulnerability : CVE-2025-5262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory...

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

...

Linux Distros Unpatched Vulnerability : CVE-2025-57803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit...

Linux Distros Unpatched Vulnerability : CVE-2025-8836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the componen...

Linux Distros Unpatched Vulnerability : CVE-2021-46700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libsixel 1.8.6, sixelencoderoutputwithoutmacro called from sixelencoderencodeframe in encoder.c has a double free. CVE-2021-46700 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2020-27823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest...

Linux Distros Unpatched Vulnerability : CVE-2020-21677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow in the sixelencoderoutputwithoutmacro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service DOS via...

webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...