
2244 matches found

RedhatCVE
added 2026/01/09 10:8 a.m. | 4 views

CVE-2019-20023

A memory leak was discovered in imagebufferresize in fromsixel.c in libsixel 1.8.4...

CVSS 6.5 | AI score 6.8 | EPSS 0.01002
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/09 9:29 a.m. | 4 views

CVE-2023-50262

Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Dompdf performs an initial validation to ensure that paths within the SVG are allowed. One of the validations is that the SVG document does not reference itself. However, prior to version 2.0.4, a recursive chained using two or...

CVSS 7.5 | AI score 6.7 | EPSS 0.01463
Exploits: 1 | References: 1
OSV
added 2026/01/08 1:22 p.m. | 4 views

SUSE-SU-2026:0073-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-68618: read a malicious SVG file may result in a DoS attack bsc1255821. - CVE-2025-68950: check for circular references in mvg files may lead to stack overflow bsc1255822. - CVE-2025-69204: an integer overflow can lead to a DoS...

CVSS 7.5 | AI score 6.9 | EPSS 0.00552
Exploits: 2 | References: 7
Github Security Blog
added 2026/01/07 9:31 p.m. | 5 views

Bio-Formats performs unsafe Java deserialization of attacker-controlled memoization cache files (.bfmemo) during image processing

Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-controlled memoization cache files .bfmemo during image processing. The loci.formats.Memoizer class automatically loads and deserializes memo files associated with images without validation, integrity...

CVSS 7.8 | AI score 8.1 | EPSS 0.0044
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2026/01/07 9:31 p.m. | 2 views

GHSA-QJM3-CVP9-3JJ3 Bio-Formats performs unsafe Java deserialization of attacker-controlled memoization cache files (.bfmemo) during image processing

Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-controlled memoization cache files .bfmemo during image processing. The loci.formats.Memoizer class automatically loads and deserializes memo files associated with images without validation, integrity...

CVSS 6.8 | AI score 8 | EPSS 0.0044
Exploits: 1 | References: 5
OSV
added 2026/01/07 9:16 p.m. | 1 views

CVE-2026-22187

Bio-Formats versions up to and including 8.3.0 perform unsafe Java deserialization of attacker-controlled memoization cache files .bfmemo during image processing. The loci.formats.Memoizer class automatically loads and deserializes memo files associated with images without validation, integrity...

CVSS 7.8 | AI score 6.3
Exploits: 0 | References: 3
RedHat Linux
added 2026/01/05 6:1 p.m. | 3 views

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

CVSS 8.8 | AI score 7.6 | EPSS 0.00739
Exploits: 0 | References: 8
Positive Technologies
added 2026/01/01 12:0 a.m. | 0 views

PT-2026-21390

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: GIMP installations are susceptible to remote code execution due to a heap-based buffer overflow present in the HDR file parsing functionality. Exploitation requires user interaction with malicio...

CVSS 7.8 | AI score 8 | EPSS 0.00548
Exploits: 0 | References: 27
Snyk
added 2025/12/30 11:8 p.m. | 2 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

CVSS 6.2 | AI score 6.8 | EPSS 0.00164
Exploits: 0 | References: 2
Snyk
added 2025/12/30 11:8 p.m. | 3 views

Uncontrolled Recursion

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.2 | AI score 6.8 | EPSS 0.00164
Exploits: 0 | References: 2
Vulnrichment
added 2025/12/30 4:50 p.m. | 1 views

CVE-2025-68950 Magick's failure to limit MVG mutual references forming a loop

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...

CVSS 4 | AI score 6.4 | EPSS 0.00164
Exploits: 0 | References: 2
Positive Technologies
added 2025/12/30 12:0 a.m. | 6 views

PT-2025-53944

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s ipu3-imgu component where a NULL pointer dereference can occur in the imgu subdev set selection function. This happens when v4l2 subdev get try crop a...

CVSS 7.8 | AI score 6.2 | EPSS 0.00465
Exploits: 2 | References: 894
RedhatCVE
added 2025/12/29 8:54 p.m. | 3 views

CVE-2025-14177

A flaw was found in PHP. The getimagesize function may leak uninitialized heap memory when processing images in multi-chunk mode, such as through php://filter. This vulnerability, caused by a bug in phpreadstreamallchunks that overwrites the buffer without advancing the pointer, allows an attacke...

CVSS 7.5 | AI score 5.7 | EPSS 0.00474
Exploits: 3 | References: 4
EUVD
added 2025/12/24 3:30 p.m. | 18 views

EUVD-2022-55767

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...

AI score 5.9 | EPSS 0.00203
Exploits: 0 | References: 4
OSV
added 2025/12/24 1:15 p.m. | 5 views

UBUNTU-CVE-2022-50722

In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...

AI score 5.7 | EPSS 0.00203
Exploits: 0 | References: 5
Positive Technologies
added 2025/12/24 12:0 a.m. | 9 views

PT-2025-53026

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The IMGU driver in the Linux kernel had a flaw where it attempted to dereference a NULL pointer when the sd state argument to functions like v4l2 subdev get try crop was NULL. This...

CVSS 7.8 | AI score 6.2 | EPSS 0.00465
Exploits: 2 | References: 892
UbuntuCve
added 2025/12/18 4:15 p.m. | 3 views

CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVSS 5.1 | AI score 5.9 | EPSS 0.00178
Exploits: 1 | References: 2
Fedora
added 2025/12/18 1:12 a.m. | 7 views

[SECURITY] Fedora 42 Update: vips-8.17.3-1.fc42

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

CVSS 7.8 | AI score 6.9 | EPSS 0.00172
Exploits: 0
Fedora
added 2025/12/18 12:59 a.m. | 7 views

[SECURITY] Fedora 43 Update: vips-8.17.3-1.fc43

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

CVSS 7.8 | AI score 6.9 | EPSS 0.00172
Exploits: 0
RedhatCVE
added 2025/12/17 8:7 a.m. | 3 views

CVE-2025-65834

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

CVSS 9.8 | AI score 7.5 | EPSS 0.0034
Exploits: 0 | References: 1