
1071 matches found

Cvelist
added 3 days ago, 47 views

CVE-2026-20244 ClamAV DMG File Processing Denial of Service Vulnerability

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

CVSS 7.5, EPSS 0.00389
Exploits: 0, References: 1

Positive Technologies
added 3 days ago, 5 views

PT-2026-54709

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

CVSS 7.5, AI score 5.9, EPSS 0.00389
Exploits: 0, References: 3

NVD
added 2026/06/26 9:16 p.m., 10 views

CVE-2026-46604

The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...

CVSS 7.5, EPSS 0.00346
Exploits: 0, References: 3

AstraLinux
added 2026/06/24 3:11 p.m., 12 views

Astra Linux – Vulnerability in qtimageformats-opensource-src

When loading a specially crafted ICNS format image file in QImage, it will cause a crash. This issue affects Qt versions 6.3.0 through 6.5.9, 6.6.0 through 6.8.4, and 6.9.0. This issue has been fixed in versions 6.5.10, 6.8.5, and 6.9.1...

CVSS 5.5, AI score 5.7, EPSS 0.00203
Exploits: 0, References: 3

AstraLinux
added 2026/06/19 11:10 a.m., 6 views

Astra Linux – Vulnerability in GraphicsMagick

In GraphicsMagick, a heap buffer overflow was detected during the parsing of MIFF files...

CVSS 7.8, AI score 7.1, EPSS 0.00427
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Tiff

A null source pointer passed as an argument to the memcpy function within TIFFReadDirectory in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, a fix is available in the commit...

CVSS 5.5, AI score 6.6, EPSS 0.0125
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds read vulnerability in tiffcrop, located at line 368 of libtiff/tif_unix.c. This vulnerability is invoked by lines 2903 and 6921 in tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...

CVSS 6.8, AI score 6.8, EPSS 0.00421
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in imagemagick

A NULL pointer dereference flaw was discovered in ImageMagick in versions prior to 7.0.10-31, in the ReadSVGImage function in coders/svg.c. This issue arises from not checking the return value from libxml2’s xmlCreatePushParserCtxt function and directly using that value, resulting in a crash and...

CVSS 6.5, AI score 6.9, EPSS 0.01894
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in exiv2

In Exiv2 0.26, there is a null pointer dereference in the Exiv2::DataValue::toLong function located in value.cpp. This issue is related to crafted metadata in a TIFF file...

CVSS 5.5, AI score 6.7, EPSS 0.00793
Exploits: 1, References: 2

EUVD
added 2026/06/19 12:00 a.m., 9 views

EUVD-2025-210287

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

AI score 6, EPSS 0.00823
Exploits: 1, References: 1

CVE
added 2026/06/16 4:50 p.m., 129 views

CVE-2026-4367

LibXpm vulnerability CVE-2026-4367: a local user can trigger an out-of-bounds read in xpmNextWord() while parsing XPM images, potentially crashing the process and causing DoS. Concrete details across connected docs show the flaw resides in libXpm, with impact limited to availability (I) and no co...

CVSS 5.5, AI score 4.7, EPSS 0.00129
Exploits: 0, References: 6

Positive Technologies
added 2026/06/16 12:00 a.m., 10 views

PT-2026-49754

Name of the Vulnerable Software and Affected Versions: DNG SDK versions prior to 1.7.1 2536. Description: A Heap-based Buffer Overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially corrupting adjacent memory. This issue could result in arbitrar...

CVSS 7.8, AI score 6, EPSS 0.00199
Exploits: 0, References: 4

Positive Technologies
added 2026/06/15 12:00 a.m., 11 views

PT-2026-49335

Name of the Vulnerable Software and Affected Versions: GStreamer gst-plugins-bad (affected versions not specified). Description: An out-of-bounds read occurs in the VA JPEG decoder within the gst-plugins-bad module. The JPEG parser reads a segment length value from the bitstream without validating it...

CVSS 7.1, AI score 6, EPSS 0.0028
Exploits: 0, References: 20

SUSE CVE
added 2026/06/12 2:25 a.m., 10 views

SUSE CVE-2026-46522

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

CVSS 5.5, AI score 5.2, EPSS 0.01849
Exploits: 4, References: 4

Cvelist
added 2026/06/10 9:55 p.m., 30 views

CVE-2026-48734 ImageMagick: Stack Overflow in MVG decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

CVSS 5.5, EPSS 0.00107
Exploits: 0, References: 1

EUVD
added 2026/06/10 9:40 p.m., 9 views

EUVD-2026-36171

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and...

CVSS 5.5, AI score 5.3, EPSS 0.00111
Exploits: 0, References: 1

CNNVD
added 2026/06/09 12:00 a.m., 17 views

Apache Answer code issue vulnerability

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the upload of dangerous types of files. Custom TIFF images might trigger...

CVSS 6.5, AI score 5.4, EPSS 0.00479
Exploits: 0, References: 2

RedhatCVE
added 2026/06/05 7:44 p.m., 9 views

CVE-2026-8454

Imager::File::GIF versions through 1.002 for Perl allow a heap out-of-bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...

CVSS 5.3, AI score 5.7, EPSS 0.00193
Exploits: 0, References: 1

RedhatCVE
added 2026/06/05 7:34 p.m., 8 views

CVE-2026-5755

Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.2, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

CVSS 6.5, AI score 5.5, EPSS 0.00245
Exploits: 0, References: 1

CNNVD
added 2026/06/05 12:00 a.m., 5 views

7-Zip buffer error vulnerability

7-Zip is an open-source compression software developed by 7-Zip. Versions 9.34 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from improper handling of WIM archive processors’ security descriptor lookups, leading to out-of-bounds read attacks, which may result in...

CVSS 7.1, AI score 5.6, EPSS 0.00225
Exploits: 1, References: 1