Lucene search
K

3170 matches found

RedHat Linux
RedHat Linux
added 2026/04/28 7:43 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/28 7:39 a.m.7 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.3AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/27 2:14 a.m.8 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS5.5AI score0.00398EPSS
Exploits0References6
Fedora
Fedora
added 2026/04/25 1:53 a.m.5 views

[SECURITY] Fedora 44 Update: python-pydicom-3.0.2-1.fc44

pydicom is a pure python package for working with DICOM files. It was made for inspecting and modifying DICOM data in an easy "pythonic" way. The modifications can be written again to a new file. pydicom is not a DICOM server, and is not primarily about viewing images. It is designed to let you...

7.8CVSS5.3AI score0.00279EPSS
Exploits1
EUVD
EUVD
added 2026/04/24 12:31 a.m.5 views

EUVD-2026-25318

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.2AI score0.00315EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41334

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/23 9:57 p.m.30 views

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS0.00315EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 9:57 p.m.15 views

CVE-2026-41334

OpenClaw before 2026.3.31 is affected by a decompression bomb DoS in image processing. The vulnerability stems from failing to properly enforce pixel-limit guards on sips, allowing attackers to upload oversized images that exhaust memory and cause denial of service. The CVSS metrics indicate netw...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-34765

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

7.1CVSS5.8AI score0.00315EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/22 9:46 a.m.19 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.2AI score0.00398EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.6 views

CVE-2026-40493

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS6AI score0.00367EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.6 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS6AI score0.00332EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/20 11:34 a.m.9 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.2AI score0.00398EPSS
Exploits0References6
OSV
OSV
added 2026/04/20 12:0 a.m.8 views

ALSA-2026:8945 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution v...

7.5CVSS6.6AI score0.00426EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/18 3:22 a.m.6 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the XWD decoder when there is a type confusion between bitsperpixel and pixmapdepth during the byte-swap process. An attacker can achieve arbitrary code execution or cause a denial of service by providing a crafte...

9.8CVSS6.4AI score0.00332EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/18 3:22 a.m.6 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the PSD decoding process due to a mismatch between the computed bytes-per-pixel from the image header and the allocated pixel buffer size in LAB 16-bit mode. An attacker can achieve arbitrary code execution or cau...

9.8CVSS6.7AI score0.00367EPSS
Exploits0References2
OSV
OSV
added 2026/04/18 3:16 a.m.6 views

DEBIAN-CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS5.6AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2026/04/18 3:16 a.m.6 views

DEBIAN-CVE-2026-40493

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS5.6AI score0.00367EPSS
Exploits0References1
NVD
NVD
added 2026/04/18 3:16 a.m.11 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS0.00332EPSS
Exploits0References2
Rows per page
Query Builder