529 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-49271
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offse...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libheif vulnerabilities (USN-8454-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8454-1 advisory. Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files...
CVE-2026-49271
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...
UBUNTU-CVE-2026-49271
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...
CVE-2026-49271
CVE-2026-49271 affects libheif prior to 1.22.1. The uncompressed HEIF decoder validates icef compressed-unit offsets with unit_offset + unit_size, which can wrap and allow constructing iterators outside the compressed item buffer, causing an out-of-bounds heap read and crash. This vulnerability i...
CVE-2026-49271
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...
CVE-2026-49271 libheif: Wrapped icef compressed-unit range check causes out-of-bounds read in uncompressed HEIF decoder
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...
Astra Linux – Vulnerability in libde265
A buffer overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code through the SAO Sample Adaptive Offset processing of libde265...
ROOT-OS-DEBIAN-13-CVE-2026-32740 CVE-2026-32740 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32740 in the rootio-libheif package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68431 CVE-2025-68431 in rootio-libheif - Patched by Root
Root has patched CVE-2025-68431 in the rootio-libheif package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-41071 CVE-2026-41071 in rootio-libheif - Patched by Root
Root has patched CVE-2026-41071 in the rootio-libheif package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-32882 CVE-2026-32882 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32882 in the rootio-libheif package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-32741 CVE-2026-32741 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32741 in the rootio-libheif package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-41071 CVE-2026-41071 in rootio-libheif - Patched by Root
Root has patched CVE-2026-41071 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-32740 CVE-2026-32740 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32740 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2023-49463 CVE-2023-49463 in rootio-libheif - Patched by Root
Root has patched CVE-2023-49463 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-68431 CVE-2025-68431 in rootio-libheif - Patched by Root
Root has patched CVE-2025-68431 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-32882 CVE-2026-32882 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32882 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-32741 CVE-2026-32741 in rootio-libheif - Patched by Root
Root has patched CVE-2026-32741 in the rootio-libheif package for Root:Debian:12. Multiple fixed versions available...
Libheif 1.19.x < 1.23.0 DoS (macOS)
According to its self-reported version, libheif on the remote host is affected by a denial of service vulnerability. A crafted HEIF sequence file can cause libheif to perform unbounded heap allocation due to a missing bound check in the stsz fixed-size mode of the HEIF sequence parser, leading to...