Lucene search
K

691 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-33020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer...

7.1CVSS6.2AI score0.00205EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-33021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in...

7.3CVSS6AI score0.00247EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/15 1:41 p.m.5 views

SUSE CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.8AI score0.00191EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/15 1:41 p.m.4 views

SUSE CVE-2026-33019

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INTMAX are accepted without overflow-safe bounds...

7.1CVSS5.9AI score0.00256EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/15 1:41 p.m.6 views

SUSE CVE-2026-33020

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixelframeconverttorgb888 in frame.c, where allocation size and pointer offset computations for palettised images PAL1, PAL...

7.1CVSS6.3AI score0.00205EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/15 1:41 p.m.5 views

SUSE CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS6AI score0.00247EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/04/15 1:41 p.m.4 views

SUSE CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS5.8AI score0.00289EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.3 views

CVE-2026-33018

A flaw was found in libsixel, a SIXEL encoder/decoder implementation. This Use-After-Free vulnerability occurs when processing specially crafted animated Graphics Interchange Format GIF files. A remote attacker could exploit this by providing a malicious multi-frame GIF, causing the application t...

7CVSS6AI score0.00191EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.3 views

CVE-2026-33020

A flaw was found in libsixel. An integer overflow vulnerability in the sixelframeconverttorgb888 function can lead to a heap buffer overflow when processing specially crafted large palettised PNG images. An attacker can exploit this by providing a malicious image, which causes heap corruption in...

7.1CVSS6.2AI score0.00205EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.5 views

CVE-2026-33023

A flaw was found in libsixel, specifically when it is built with the gdk-pixbuf2 option. A remote attacker can exploit a use-after-free vulnerability by supplying a crafted image, which can lead to information disclosure, memory corruption, or arbitrary code execution. Mitigation Mitigation for...

7.8CVSS6AI score0.00289EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.4 views

CVE-2026-33019

A flaw was found in libsixel. An attacker can trigger an integer overflow in the image processing component, img2sixel, by supplying a specially crafted crop argument. This vulnerability leads to an out-of-bounds memory read, which can cause the application to crash, resulting in a Denial of...

7.1CVSS6AI score0.00256EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/15 5:55 a.m.4 views

CVE-2026-33021

A flaw was found in libsixel, a SIXEL encoder/decoder implementation. An attacker who controls incoming frames can exploit a use-after-free vulnerability. This occurs because a caller-owned pixel buffer is prematurely freed during a resize operation, leaving a dangling pointer. This can lead to a...

7.3CVSS6.1AI score0.00247EPSS
Exploits1References5
OSV
OSV
added 2026/04/14 11:16 p.m.3 views

DEBIAN-CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS5.8AI score0.00247EPSS
Exploits1References1
NVD
NVD
added 2026/04/14 11:16 p.m.6 views

CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS0.00289EPSS
Exploits1References2
OSV
OSV
added 2026/04/14 11:16 p.m.4 views

DEBIAN-CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS5.6AI score0.00289EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/14 11:16 p.m.3 views

CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS5.9AI score0.00247EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/04/14 11:16 p.m.4 views

CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS5.8AI score0.00289EPSS
Exploits1References3
OSV
OSV
added 2026/04/14 11:16 p.m.4 views

UBUNTU-CVE-2026-33023

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free vulnerability exists in loadwithgdkpixbuf in loader.c. The cleanup path manually frees the sixelframet object and its interna...

7.8CVSS5.8AI score0.00289EPSS
Exploits1References4
OSV
OSV
added 2026/04/14 11:16 p.m.5 views

UBUNTU-CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS6AI score0.00247EPSS
Exploits1References4
NVD
NVD
added 2026/04/14 10:16 p.m.6 views

CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS0.00191EPSS
Exploits1References2
Rows per page
Query Builder