Lucene search
+L

1097 matches found

Debian CVE
Debian CVE
added 2026/04/01 8:56 p.m.4 views

CVE-2026-34543

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data information disclosure...

8.7CVSS5.2AI score0.00482EPSS
Exploits1
Debian CVE
Debian CVE
added 2026/04/01 8:55 p.m.4 views

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

8.4CVSS5.4AI score0.00244EPSS
Exploits1
CVE
CVE
added 2026/04/01 8:51 p.m.17 views

CVE-2026-34545

CVE-2026-34545 affects OpenEXR versions 3.4.0–3.4.6, where decoding an EXR file using HTJ2K compression with a channel width of 32768 can trigger a heap write overflow. The overflow occurs while decoding and writes beyond the output heap buffer, with a write primitive of 2 bytes per overflow iter...

8.8CVSS6.5AI score0.00611EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/31 10:14 p.m.3 views

CVE-2026-34551 iccDEV: NPD in CIccTagLut16::Write()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a null-pointer dereference NPD in CIccTagLut16::Write can be triggered when processing a crafted ICC profile embedded in a TIFF and extracted during iccTiffDump. This issue has...

6.2CVSS5.7AI score0.00156EPSS
Exploits1References3
OSV
OSV
added 2026/03/31 10:1 p.m.3 views

CVE-2026-34539 iccDEV: HBO in CTiffImg::WriteLine()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow HBO in CTiffImg::WriteLine. The issue is observable under AddressSanitizer as an out-of-bounds heap read...

6.2CVSS5.8AI score0.00156EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/03/27 12:29 a.m.4 views

SUSE CVE-2026-4887

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

6.1CVSS6AI score0.00634EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-31797

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CTiffImg::ReadLine when iccApplyProfiles processes a crafted TIFF image, causing memory disclosure or crash. This vulnerability is fixed in 2.3.1.5...

6.1CVSS5.8AI score0.0015EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 12:8 p.m.52 views

CVE-2026-4887

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

7.1CVSS6AI score0.00634EPSS
Exploits1References11
ATTACKERKB
ATTACKERKB
added 2026/03/25 6:24 p.m.6 views

CVE-2026-33809

A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error...

5.3CVSS5.8AI score0.00328EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/23 6:30 p.m.3 views

EUVD-2026-14467

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 2:25 p.m.5 views

OESA-2026-1689 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

8.4CVSS5.8AI score0.00201EPSS
Exploits2References2
HackRead
HackRead
added 2026/03/20 2:3 p.m.8 views

Why Image Format Conversion Is Becoming a Practical Issue in Web Security and Performance

WebP boosts performance raises compatibility issues, making image format conversion to PNG essential for secure, flexible, and efficient web workflows today...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/19 12:26 a.m.5 views

SUSE CVE-2026-26740

Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size...

8.6CVSS5.8AI score0.00618EPSS
Exploits1References11
Cvelist
Cvelist
added 2026/03/17 6:52 p.m.26 views

CVE-2025-66617

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...

6.1CVSS0.00268EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/13 8:39 p.m.9 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow when parsing Huffman tables in JPEG files. An attacker can execute arbitrary code by supplying a specially crafted JPEG file. Remediation Upgrade gstreamer to version 1.28.1 or higher. References - GitLab Comm...

8.4CVSS7.5AI score0.00787EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/12 10:39 p.m.6 views

Stack-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.7CVSS5.8AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2026/03/10 7:43 a.m.8 views

UBUNTU-CVE-2026-28690

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data...

6.9CVSS6AI score0.00096EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/09 9:39 p.m.6 views

Stack-based Buffer Overflow

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.6CVSS5.8AI score0.00096EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/09 9:39 p.m.12 views

Stack-based Buffer Overflow

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.6CVSS5.8AI score0.00096EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/09 9:39 p.m.6 views

Stack-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.6CVSS5.8AI score0.00096EPSS
Exploits0References2
Rows per page
Query Builder