Lucene search
+L

287 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-61863

A flaw was found in ImageMagick. When processing a Tagged Image File Format TIFF image, a small memory leak can occur if the TIFF encoder is unable to create a temporary file. This can lead to a gradual consumption of system memory, potentially impacting the availability of the application...

7.5CVSS6AI score0.00187EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44616

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service...

2.9CVSS6.1AI score0.00102EPSS
Exploits0References2
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-59198

Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...

7.5CVSS6.1AI score0.00313EPSS
Exploits1References1
EUVD
EUVD
added 2026/07/02 9:1 p.m.15 views

EUVD-2026-33432

golang.org/x/image/tiff has excessive resource consumption in PackBits decompression...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 4:31 p.m.9 views

EUVD-2026-40151

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

7.5CVSS0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 6:16 p.m.4 views

UBUNTU-CVE-2026-49271

libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.19 views

DNGBehaviorAnalyzer Telemetry-Based DNG/TIFF Metadata Parser and Anomaly Detection

This Python script provides a telemetry-driven analysis framework for inspecting Digital Negative DNG files through low-level TIFF metadata parsing and runtime event logging. The tool reads and validates TIFF headers, traverses Image File Directory IFD entries, and records parser activity using...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.10 views

Synthetic TIFF Corpus Generator for Parser Validation and Boundary Condition Testing

This Python script generates a small corpus of synthetic TIFF-like files designed for validating parser behavior across different image dimension scenarios...

5.5AI score
Exploits0
NVD
NVD
added 2026/05/29 8:16 p.m.19 views

CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

7.5CVSS0.00353EPSS
Exploits0References4
OSV
OSV
added 2026/05/29 8:16 p.m.21 views

UBUNTU-CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/29 7:35 p.m.13 views

CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

7.5CVSS5.8AI score0.00353EPSS
Exploits0
Rockylinux
Rockylinux
added 2026/05/29 12:0 a.m.20 views

compat-libtiff3 security update

An update is available for compat-libtiff3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff3 package provides libtiff 3, an older version of libtiff...

7.8CVSS6.2AI score0.00553EPSS
Exploits0
Snyk
Snyk
added 2026/05/22 11:49 p.m.10 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the core sequence parsing process. An attacker can cause a crash or denial of service by providing a specially crafted HEIF file that manipulates the stco.entrycount, saio.entrycount, and saiz.samplecount values to...

7.1CVSS5.8AI score0.00253EPSS
Exploits1References2
OSV
OSV
added 2026/05/22 10:18 a.m.2 views

CVE-2026-5755 Denial of service via crafted TIFF file upload

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS6AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in versions of Mattermost 11.6.0 and earlier 11.6.x series, as well as versions prior to 11.5.3 11.5.x series, 11.4.4 and earlier 11.4.x series, and 10.11.14 and earlier 10.11.x...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in TIFFmemcpy in libtiff/tifunix.c:346, when called from extractImageSection, located at tools/tiffcrop.c:6826. This vulnerability allows attackers to cause a denial-of-service attack through a crafted TIFF file. For users who compile...

6.5CVSS6.7AI score0.00949EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openimageio

There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...

9.8CVSS9AI score0.01813EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in TIF format

The processCropSelections function in the tools/tiffcrop.c file of LibTIFF, as of version 4.5.0, has a heap-based buffer overflow vulnerability. This vulnerability occurs due to a crafted TIFF image being written with a size of 307203 bytes...

5.5CVSS6.8AI score0.00461EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

RHEL 10 : libtiff (RHSA-2026:19586)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19586 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitra...

7.8CVSS6.2AI score0.00553EPSS
Exploits0References4
Rows per page
Query Builder