Lucene search
K

3160 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.20 views

PT-2026-38486

A read of pixels was coded as modifying coordinates to lie within the image bounds. It would calculate a coordinate by adding a constant to an input and taking the minimum of the resulting coordinate and 'dimension - 1'. This would not protect against malicious inputs that could overflow the...

6.9CVSS5.9AI score
Exploits0References3
The Hacker News
The Hacker News
added 2026/05/06 9:13 a.m.13 views

Google's Android Apps Get Public Verification to Stop Supply Chain Attacks

Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiati...

6AI score
Exploits0
Android Security Bulletins
Android Security Bulletins
added 2026/05/05 12:0 a.m.42 views

Pixel Update Bulletin—May 2026Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of or later address all issues in this bulletin and all issues in the May 2026 Android Security Bulletin. ...

6.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/02 5:29 a.m.7 views

CVE-2026-7049 PixelYourSite Pro <= 12.5.0.1 - Unauthenticated Blind Server-Side Request Forgery via 'urls[]' Parameter

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

7.2CVSS5.9AI score0.00577EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/02 5:29 a.m.8 views

EUVD-2026-26749

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

7.2CVSS5.9AI score0.00577EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/02 5:29 a.m.3 views

CVE-2026-7049

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

7.2CVSS5.9AI score0.00577EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/04/30 5:53 p.m.12 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/30 4:54 p.m.8 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.4AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 11:31 a.m.9 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/29 11:27 a.m.12 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/28 7:54 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/28 7:43 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/28 7:39 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/27 2:14 a.m.8 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
Fedora
Fedora
added 2026/04/25 1:53 a.m.5 views

[SECURITY] Fedora 44 Update: python-pydicom-3.0.2-1.fc44

pydicom is a pure python package for working with DICOM files. It was made for inspecting and modifying DICOM data in an easy "pythonic" way. The modifications can be written again to a new file. pydicom is not a DICOM server, and is not primarily about viewing images. It is designed to let you...

7.8CVSS5.3AI score0.00279EPSS
Exploits1
EUVD
EUVD
added 2026/04/24 12:31 a.m.5 views

EUVD-2026-25318

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/23 9:57 p.m.29 views

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS0.00315EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41334

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.2AI score0.00315EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 9:57 p.m.13 views

CVE-2026-41334

OpenClaw before 2026.3.31 is affected by a decompression bomb DoS in image processing. The vulnerability stems from failing to properly enforce pixel-limit guards on sips, allowing attackers to upload oversized images that exhaust memory and cause denial of service. The CVSS metrics indicate netw...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder