Lucene search
K

925 matches found

CNNVD
CNNVD
added 2026/05/14 12:0 a.m.12 views

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from the RLE...

8.4CVSS6.1AI score0.00173EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-41023

Name of the Vulnerable Software and Affected Versions OpenImageIO versions prior to 3.0.18.0 OpenImageIO versions prior to 3.1.13.0 Description An issue exists in the toolset used for reading, writing, and manipulating image files for VFX and animation. Specifically, the softimageinput.cpp file...

8.4CVSS5.3AI score0.00173EPSS
Exploits1References9
OSV
OSV
added 2026/04/30 4:54 p.m.6 views

SUSE-SU-2026:21436-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

9.8CVSS6.1AI score0.00656EPSS
Exploits19References57
OSV
OSV
added 2026/04/25 5:48 a.m.4 views

OESA-2026-2040 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...

9.8CVSS7.2AI score0.00656EPSS
Exploits5References8
OSV
OSV
added 2026/04/25 5:48 a.m.10 views

OESA-2026-2039 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...

9.8CVSS7.2AI score0.00656EPSS
Exploits5References8
OSV
OSV
added 2026/04/25 5:48 a.m.4 views

OESA-2026-2036 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP...

9.8CVSS7.2AI score0.00656EPSS
Exploits5References8
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.5 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 2026/04/18 3:16 a.m.5 views

DEBIAN-CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/18 1:42 a.m.5 views

EUVD-2026-23648

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/18 1:42 a.m.7 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.4AI score0.00314EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/18 12:0 a.m.12 views

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from the RLE decoder in the TGA encoder/decoder’s asymmetric boundary checks. This vulnerability may lead to a stack buffer overflow...

9.8CVSS6AI score0.00314EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.10 views

PT-2026-33587

Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302 Description SAIL is a cross-platform library used for loading and saving images, supporting animation, metadata, and ICC profiles. The TGA codec's RLE decoder in tga.c...

9.8CVSS5.9AI score0.00314EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2026/04/16 10:40 a.m.7 views

Security update for freerdp

This update for freerdp fixes the following issues: Security fixes: CVE-2026-26271: Buffer overread in FreeRDP icon processing bsc1258979. CVE-2026-26955: Out-of-Bounds write in ClearCodec surface command handler bsc1258982. CVE-2026-26965: Out-of-bounds write in planar bitmap RLE decompression...

8.8CVSS6.7AI score0.00656EPSS
Exploits5References30
OSV
OSV
added 2026/04/10 4:18 p.m.5 views

CLSA-2026-1775223344 freerdp: Fix of 3 CVEs

CVE-2023-39355: fix use-after-free in RDPGFXCMDIDRESETGRAPHICS handling when context-maxPlaneSize == 0; update context-planesBuffer after free and prevent access to freed memory - CVE-2026-26965: fix heap out-of-bounds write in RLE planar decode that permit attacker-controlled pixel data and...

9.8CVSS7.4AI score0.01069EPSS
Exploits3References1
CVE
CVE
added 2026/04/09 2:42 p.m.30 views

CVE-2026-5441

CVE-2026-5441 concerns the DicomImageDecoder's PMSCT_RLE1 (Philips) decompression in DecodePsmctRle1. The issue: escape markers near the end of the compressed stream are not properly validated, enabling an out-of-bounds read that can leak heap data into the rendered image output. Impact is descri...

7.1CVSS6AI score0.00136EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/09 12:12 p.m.5 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.5AI score0.00591EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/04/07 9:50 a.m.7 views

freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A malicious RDP server can exploit a heap out-of-bounds write vulnerability in the planardecompressplanerle function. This vulnerability allows the server to write past the end of a temporary buffer, potentiall...

8.8CVSS6.5AI score0.00591EPSS
Exploits1References6
Rockylinux
Rockylinux
added 2026/04/07 12:1 a.m.4 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

8.8CVSS6.6AI score0.00591EPSS
Exploits2
OSV
OSV
added 2026/04/07 12:1 a.m.11 views

RLSA-2026:6005 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write ...

8.8CVSS6.5AI score0.00591EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/04/06 6:44 p.m.5 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS6.6AI score0.00591EPSS
Exploits2References3
Rows per page
Query Builder