Lucene search
+L

733 matches found

Fedora
Fedora
added 2026/04/25 1:55 a.m.10 views

[SECURITY] Fedora 44 Update: qt6-qtimageformats-6.10.3-1.fc44

The core Qt Gui library by default supports reading and writing image files of the most common file formats: PNG, JPEG, BMP, GIF and a few more, ref. Reading and Writing Image Files. The Qt Image Formats add-on module provides optional support for other image file formats, including: MNG, TGA,...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.6 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/18 3:23 a.m.7 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the tga.c process of decoding TGA images using RLE compression, specifically when handling the raw-packet path, due to missing bounds checks. An attacker can achieve arbitrary code execution or cause a denial of...

9.8CVSS6.4AI score0.00314EPSS
Exploits0References2
NVD
NVD
added 2026/04/18 3:16 a.m.5 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS0.00314EPSS
Exploits0References2
OSV
OSV
added 2026/04/18 3:16 a.m.5 views

DEBIAN-CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/18 1:42 a.m.35 views

CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS0.00314EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/18 1:42 a.m.14 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.4AI score0.00314EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/18 1:42 a.m.5 views

CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/18 1:42 a.m.4 views

CVE-2026-40494

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/18 1:42 a.m.6 views

EUVD-2026-23648

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
CVE
CVE
added 2026/04/18 1:42 a.m.22 views

CVE-2026-40494

SAIL's TGA codec contains a heap-based overflow in the RLE decoder’s raw-packet path (tga.c) prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302. The run-packet path correctly bounds the repeat count, but the raw-packet path lacks an equivalent bounds check, enabling attacker-controlled data...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References2
OSV
OSV
added 2026/04/18 1:42 a.m.3 views

CVE-2026-40494 SAIL has heap buffer overflow in TGA RLE decoder — raw packet path missing bounds check

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the TGA codec's RLE decoder in tga.c has an asymmetric bounds check vulnerability. The run-packet path line 297 correctl...

9.8CVSS6AI score0.00314EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.12 views

PT-2026-33587

Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302 Description SAIL is a cross-platform library used for loading and saving images, supporting animation, metadata, and ICC profiles. The TGA codec's RLE decoder in tga.c...

9.8CVSS5.9AI score0.00314EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-40494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...

9.8CVSS5.5AI score0.00314EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/18 12:0 a.m.13 views

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from the RLE decoder in the TGA encoder/decoder’s asymmetric boundary checks. This vulnerability may lead to a stack buffer overflow...

9.8CVSS6AI score0.00314EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/06 12:0 a.m.7 views

Slackware: Security Advisory (SSA:2026-093-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.9AI score0.00184EPSS
Exploits0References3
Slackware Linux
Slackware Linux
added 2026/04/03 11:56 p.m.12 views

[slackware-security] krita

New krita packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/krita-5.0.2-i586-3slack15.0.txz: Rebuilt. This update fixes a security issue: Heap-based buffer overflow when parsing TGA files. Thanks to pbslxw f...

6.7CVSS7.3AI score0.00184EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-006179)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006179 advisory. A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can b...

7.3CVSS5.9AI score0.00191EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GIMP vulnerabilities (USN-8075-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8075-1 advisory. Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on...

7.8CVSS6.1AI score0.07298EPSS
Exploits1References6
OSV
OSV
added 2026/03/04 5:42 p.m.7 views

USN-8075-1 gimp vulnerabilities

Michael Randrianantenaina discovered that calculating the linear size of a DDS file could overflow on 32-bit systems. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS...

7.8CVSS7.6AI score0.07298EPSS
Exploits1References6
Rows per page
Query Builder