Out-of-bounds Read

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Heap-based Buffer Overflow

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Heap-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

[SECURITY] Fedora 44 Update: vips-8.18.0-6.fc44

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

[SECURITY] Fedora 44 Update: siril-1.4.2-3.fc44

Siril is an image processing tool specially tailored for noise reduction and improving the signal/noise ratio of an image from multiple captures, as required in astronomy. Siril can align automatically or manually, stack and enhance pictures from various file formats, even images sequences movies...

[SECURITY] Fedora 44 Update: luminance-hdr-2.6.1.1-89.fc44

Luminance HDR is a graphical user interface based on the Qt5 toolkit that provides a complete workflow for HDR imaging. Supported HDR formats: =E2=80=A2 OpenEXR extension: exr =E2=80=A2 Radiance RGBE extension: hdr =E2=80=A2 Tiff formats: 16bit, 32bit float and LogLuv extension: tiff =E2=80=A2 Ra...

[SECURITY] Fedora 44 Update: gegl04-0.4.70-2.fc44

GEGL Generic Graphics Library is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API...

[SECURITY] Fedora 43 Update: libpng-1.6.56-1.fc43

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained security vulnerabilities. These vulnerabilities were due to a stack...

CLSA-2026-1775725743 ImageMagick: Fix of 3 CVEs

CVE-2025-66628: fix integer overflow in TIM parser - CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28693: fix integer overflow in DIB coder...

CVE-2026-5444 Heap Buffer Overflow in PAM Image Buffer Allocation

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

Libraw 安全漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. LibRaw has a security vulnerability, which stems from a heap-based buffer overflow in the x3floadhuffman function, potentially leading to a...

Libraw 安全漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and others format images. It supports various operating systems. Libraw has a security vulnerability, which stems from a heap buffer overflow in the HuffTable::initval function, potentially leading to a he...

PT-2026-30839

Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is vulnerable to command injection via shell metacharacters because input data can be controlled by...

CVE-2026-34380

A flaw was found in OpenEXR, an image storage format library. A remote attacker could exploit a signed integer overflow vulnerability in the undopxr24impl function when processing a specially crafted EXR image file. This overflow can cause the application to write pixel data beyond its allocated...

AnyBurn 安全漏洞

AnyBurn is a disc burning and image processing tool developed by AnyBurn Corporation. The AnyBurn 4.3 x86 version contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the image conversion function, which could allow local attackers to cause the...

CVE-2025-43264

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory...

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the image pixel-limit guard failing to properly restrict oversized pixel counts during image processing. An attacker can exhaus...

OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS

Summary Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Shipped v2026.3.28 image processing could fail open on oversized pixel counts and allow decompression-bomb DoS, an availabili...

CVE-2025-43264

CVE-2025-43264 affects Apple macOS Sequoia, with the issue tied to memory handling in image processing that can corrupt process memory. The vulnerability is fixed in macOS Sequoia 15.6. According to the provided metrics, the CVSS v3.1 base score is 8.8 (High) with an attack vector of NETWORK, att...