Lucene search
K

287 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-14684

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS0.0012EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-55741

Name of the Vulnerable Software and Affected Versions HdrHistogram versions prior to 2.2.3 Description An issue exists in the decodeFromCompressedByteBuffer function within the org.HdrHistogram.AbstractHistogram class. Local manipulation of the lengthOfCompressedContents argument can lead to...

4.8CVSS5.8AI score0.00118EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/25 12:33 a.m.4 views

EUVD-2026-39130

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00552EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 10:16 p.m.6 views

CVE-2026-2050

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00552EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 9:43 p.m.24 views

CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00552EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Integer overflow has been prevented in hdrfirstde. The variables deoff and used originate from the disk; therefore, both need to be checked. The issue arises on 32-bit systems, where if both values are greater than...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a slab-out-of-bounds read in hdrdeletede. Here is a bug report from syzbot: Bug: KASAN: Slab-out-of-bounds in hdrdeletede+0xe0/0x150, fs/ntfs3/index.c:806. A read of size 16842960 was performed at address...

5.2AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/12 2:35 p.m.8 views

CVE-2026-2049

A flaw was found in GIMP. This heap-based buffer overflow vulnerability, located in the HDR file parsing component, allows a remote attacker to execute arbitrary code. User interaction is required for exploitation, as the target must open a malicious HDR file. The flaw occurs due to a lack of...

7.8CVSS7.9AI score0.00615EPSS
Exploits0References5
NVD
NVD
added 2026/06/10 10:16 p.m.22 views

CVE-2026-2049

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00615EPSS
Exploits0References5
CVE
CVE
added 2026/06/10 9:22 p.m.26 views

CVE-2026-2049

CVE-2026-2049 is a heap-based buffer overflow in HDR file parsing within gegl (used by GIMP) caused by insufficient validation of the length of user-supplied data. This can lead to remote code execution when a user opens a malicious HDR file or visits a crafted page, as indicated by the CVSS vect...

7.8CVSS7.7AI score0.00615EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 9:22 p.m.34 views

CVE-2026-2049 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00615EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46182

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved paddi...

5.5CVSS0.00126EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 1:11 p.m.11 views

Unsynchronized Access to Shared Data in a Multithreaded Context

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.6CVSS5.8AI score0.00077EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:43 p.m.13 views

Division by zero

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

4.8CVSS5.8AI score0.00111EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. The stbigetn function reads a specified number of bytes from the context usually a file into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...

5.5CVSS5.6AI score0.00657EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libstb

A issue was discovered in stbstbimage.h versions 1.33 to 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length data. An attacker could potentially cause a denial of service in applications that use stbimage by submitting crafted HDR files...

5.5CVSS6.7AI score0.01213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Handle the return value of hdrfirstde The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To effectively handle the NULL error, it is important to implement an error handler. This wil...

5.5CVSS6.1AI score0.00138EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 8:37 p.m.8 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 1:56 p.m.42 views

CVE-2026-31700

Summary (CVE-2026-31700): In the Linux kernel, a TOCTOU race in tpacket_snd() when PACKET_VNET_HDR is enabled allows a user-space race on vnet_hdr fields between validation and use, bypassing safety checks. The vulnerability affects the mmap’d TX ring buffer where vnet_hdr points into user-contro...

7.8CVSS5.9AI score0.00103EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/30 3:26 p.m.10 views

Important: Red Hat Security Advisory: OpenEXR security update

An update for OpenEXR is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.4CVSS6.1AI score0.00201EPSS
Exploits2References2
Rows per page
Query Builder