733 matches found
[SECURITY] Fedora 44 Update: qt6-qtimageformats-6.10.3-1.fc44
The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats, including: MNG, TGA,...
CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the tga.c process of decoding TGA images using RLE compression, specifically when handling the raw-packet path, due to missing bounds checks. An attacker can achieve arbitrary code execution or cause a denial of...
CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
DEBIAN-CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
CVE-2026-40494
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
EUVD-2026-23648
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
CVE-2026-40494
SAIL's TGA codec contains a heap-based overflow in the RLE decoder’s raw-packet path (tga.c) prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The run-packet path correctly bounds the repeat count, but the raw-packet path lacks an equivalent bounds check, enabling attacker-controlled data...
CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...
PT-2026-33587
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302 Description SAIL is a cross-platform library used for loading and saving images, supporting animation, metadata, and ICC profiles. The TGA codec's RLE decoder in tga.c...
Linux Distros Unpatched Vulnerability : CVE-2026-40494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...
SAIL 安全漏洞
SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from the RLE decoder in the TGA encoder/decoder’s asymmetric boundary checks. This vulnerability may lead to a stack buffer overflow...
Slackware: Security Advisory (SSA:2026-093-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] krita
New krita packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/krita-5.0.2-i586-3slack15.0.txz: Rebuilt. This update fixes a security issue: Heap-based buffer overflow when parsing TGA files. Thanks to pbslxw f...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-006179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006179 advisory. A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can b...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GIMP vulnerabilities (USN-8075-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8075-1 advisory. Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on...
USN-8075-1 gimp vulnerabilities
Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on 32-bit systems. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS...