Lucene search
K

1067 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in dcmtk

DCMTK through version 3.6.6 does not handle memory deallocation properly. The object in the program is freed, but its address is still used in other locations. Sending specific requests to the dcmqrdb program will lead to a double-free. An attacker can use this vulnerability to launch a DoS attac...

7.5CVSS6.7AI score0.01595EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in dcmtk

It was discovered that DCMTK v3.6.7 contains a memory leak through the TASCAssociation object...

7.5CVSS6.7AI score0.01568EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.14 views

HP Linux Imaging and Printing Software 命令注入漏洞

HP Linux Imaging and Printing Software is a software package developed by American company HP, designed for the installation, use, and management of HP printers and scanners. HP Linux Imaging and Printing Software has a command injection vulnerability, which stems from operating system command...

8.5CVSS6.1AI score0.0088EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.11 views

PT-2026-42267

Name of the Vulnerable Software and Affected Versions HP Linux Imaging and Printing Software affected versions not specified Description An OS command injection flaw exists in the HP Linux Imaging and Printing Software. This issue may allow an attacker to achieve escalation of privileges and/or...

9.8CVSS6AI score0.01333EPSS
Exploits0References49
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

HP Linux Imaging and Printing Software 安全漏洞

HP Linux Imaging and Printing Software is a software package developed by American company HP, designed for the installation, use, and management of HP printers and scanners. There is a security vulnerability in HP Linux Imaging and Printing Software, which stems from integer overflows during the...

9.8CVSS6.1AI score0.01333EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.11 views

PT-2026-42266

Name of the Vulnerable Software and Affected Versions HP Linux Imaging and Printing Software versions prior to 3.26.4 Description An integer overflow exists in the hpcups processing path when handling crafted print data. This flaw may allow an unauthenticated attacker to bypass memory limits,...

9.8CVSS6.6AI score0.01333EPSS
Exploits0References65
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40312

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.5 and iPadOS prior to 26.5 contained security vulnerabilities. These...

4.6CVSS5.9AI score0.00159EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/09 6:16 a.m.13 views

CVE-2026-42308

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
OSV
OSV
added 2026/05/09 6:16 a.m.7 views

UBUNTU-CVE-2026-42311

Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...

8.6CVSS6AI score0.0015EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/09 4:10 a.m.7 views

CVE-2026-42310

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

5.5CVSS5.7AI score0.00126EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/09 4:8 a.m.7 views

CVE-2026-42309

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

5.5CVSS5.8AI score0.00133EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: ImageMagick (UTSA-2026-017382)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017382 advisory. A heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo function of dcm.c file. This vulnerability is triggered when an attacker passes a specially...

7.1CVSS5.7AI score0.01113EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-017334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017334 advisory. PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be...

9.8CVSS5.9AI score0.03399EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/29 7:24 p.m.6 views

EUVD-2018-21818

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hija...

6.9CVSS5.2AI score0.00138EPSS
Exploits0References3
Fedora
Fedora
added 2026/04/25 1:59 a.m.7 views

[SECURITY] Fedora 44 Update: python-pillow-12.2.0-1.fc44

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

8.7CVSS4.5AI score0.00671EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/24 12:32 p.m.9 views

Medical data of 500,000 UK volunteers listed for sale on Alibaba

Half a million Britons signed up to help cure cancer. Their data ended up for sale on Alibaba. The UK Biobank charity informed the British government of an incident concerning the medical data belonging to 500,000 British citizens being offered for sale on the Chinese e-commerce website Alibaba...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-46979

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.34 through 26.00 Description An off-by-one heap out-of-bounds read exists in the WIM Windows Imaging archive handler's security descriptor lookup. In the GetSecurity function within CHandler::GetSecurity...

7.1CVSS5.8AI score0.00225EPSS
Exploits1References31
UbuntuCve
UbuntuCve
added 2026/04/17 12:0 a.m.8 views

CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

8.7CVSS5.7AI score0.00671EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 12:0 a.m.4 views

UBUNTU-CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

8.7CVSS5.7AI score0.00671EPSS
Exploits0References5
Rows per page
Query Builder