Lucene search
+L

1097 matches found

Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-61872 ImageMagick before 7.1.2-26 Memory Leak via TIFF Encoder

ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the TIFF encoder when an invalid tiff:tile-geometry is specified. Supplying malformed tile geometry parameters causes allocated memory not to be released, which can lead to increased memory consumption...

2.5CVSS0.00096EPSS
Exploits0References2
OSV
OSV
added 4 days ago3 views

CVE-2026-59198 Pillow TGA RLE encoder can serialize up to ~57 KB of adjacent heap data into generated images

Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...

6.5CVSS6.1AI score0.00313EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 6 days ago12 views

Linux Distros Unpatched Vulnerability : CVE-2026-61870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by...

7.5CVSS6.1AI score0.00191EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 12:52 p.m.2 views

OESA-2026-2925 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

7.3CVSS6.6AI score0.00231EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/07/07 3:13 p.m.10 views

SUSE CVE-2026-55380

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References5
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-21368

Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks...

5.3CVSS0.0006EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.33 views

CVE-2026-21368 Out-of-bounds Write in Camera Driver

Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks...

5.3CVSS0.0006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.13 views

PT-2026-55988

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when parsing jpeg commands. This is caused by unaccounted extra writes to the buffer during validation checks. Recommendations At the...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55578

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References27
OSV
OSV
added 2026/07/02 8:17 p.m.4 views

UBUNTU-CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.2AI score0.00118EPSS
Exploits0References7
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Use of Uninitialized Resource

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS6AI score0.00197EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Use of Uninitialized Resource

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS6AI score0.00197EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 4:28 p.m.80 views

CVE-2026-20244 ClamAV DMG File Processing Denial of Service Vulnerability

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

7.5CVSS0.00389EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.12 views

PT-2026-54709

Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the DMG file format parser where improper boundary checks for content during scanning can lead to memory corruption. On 32-bit platforms, this specifically manifests as an...

7.8CVSS7.2AI score0.00463EPSS
Exploits0References40
NVD
NVD
added 2026/06/26 9:16 p.m.15 views

CVE-2026-46604

The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...

7.5CVSS0.00346EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:47 p.m.6 views

CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

5.9AI score0.00339EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.14 views

Astra Linux – Vulnerability in qtimageformats-opensource-src

When loading a specially crafted ICNS format image file in QImage, it will cause a crash. This issue affects Qt versions 6.3.0 through 6.5.9, 6.6.0 through 6.8.4, and 6.9.0. This issue has been fixed in versions 6.5.10, 6.8.5, and 6.9.1...

5.5CVSS5.7AI score0.00203EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP. There is an integer overflow vulnerability when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because the size calculation for image buffers can exceed the limit due to a 32-bit integer evaluation, allowing...

6.5CVSS7.4AI score0.00838EPSS
Exploits1References2
Rows per page
Query Builder