Lucene search
K

913 matches found

RedHat Linux
RedHat Linux
added 2026/04/28 7:20 a.m.7 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/28 7:16 a.m.5 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS5.8AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/27 9:28 a.m.10 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/27 2:8 a.m.5 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/27 1:38 a.m.7 views

gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2026/04/27 12:0 a.m.89 views

📄 thumbler 1.1.2 Command Injection

The thumbler package through version 1.1.2 contains a critical command injection vulnerability in the thumbnail function. User-supplied input parameters input, output, time, size are concatenated into a single ffmpeg command string and executed via childprocess.exec without proper sanitization. A...

9.8CVSS6.8AI score0.02308EPSS
Exploits4
OSV
OSV
added 2026/04/24 3:21 p.m.6 views

GHSA-H6HF-9846-XWRQ Lemmy has SSRF and internal image disclosure in post link metadata via unvalidated og:image

Summary Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP ranges, the extracted og:image URL is not subject to the same restriction...

6.5CVSS5.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

WordPress plugin Royal Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00264EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.16 views

PT-2026-37170

Name of the Vulnerable Software and Affected Versions Lemmy versions prior to 0.19.18 Description Lemmy fetches metadata for user-supplied post URLs and, when using the default StoreLinkPreviews image mode, downloads preview images via local pict-rs. While the initial top-level page URL is checke...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gdk-pixbuf2 (UTSA-2026-014288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014288 advisory. A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color compone...

7.5CVSS8AI score0.01069EPSS
Exploits1References4
NVD
NVD
added 2026/04/21 11:16 p.m.3 views

CVE-2026-41061

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isValidDuration regex at objects/video.php:918 uses /^0-91,2:0-91,2:0-91,2/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the...

5.4CVSS0.00173EPSS
Exploits1References2
OSV
OSV
added 2026/04/14 11:56 a.m.7 views

CLSA-2026-1776167812 ImageMagick: Fix of 5 CVEs

CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...

7.5CVSS6.7AI score0.00851EPSS
Exploits1References1
Fedora
Fedora
added 2026/04/13 9:7 p.m.7 views

[SECURITY] Fedora 44 Update: geeqie-2.7-2.fc44

Geeqie has been forked from the GQview project with the goal of picking up development and integrating patches. It is an image viewer for browsing through graphics files. Its many features include single click file viewing, support for external editors, previewing images using thumbnails, and zoo...

9.8CVSS5.7AI score0.00735EPSS
Exploits3
Amazon
Amazon
added 2026/04/13 12:0 a.m.9 views

Important: gdk-pixbuf2

Issue Overview: In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a deni...

7.8CVSS8AI score0.01069EPSS
Exploits2
Talos
Talos
added 2026/04/07 12:0 a.m.11 views

LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2358 LibRaw x3fthumbloader heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20889 SUMMARY A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious...

9.8CVSS6.5AI score0.00645EPSS
Exploits1
Snyk
Snyk
added 2026/03/31 1:41 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the gdkpixbufjpegimageload function of the JPEG image loader. An attacker can cause application crashes and disrupt service availability by submitting a specially crafted JPEG image that triggers improper...

8.7CVSS7.2AI score0.01069EPSS
Exploits1References2
OSV
OSV
added 2026/03/31 9:16 a.m.3 views

DEBIAN-CVE-2026-5201

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS8.1AI score0.01069EPSS
Exploits1References1
NVD
NVD
added 2026/03/31 9:16 a.m.8 views

CVE-2026-5201

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS0.01069EPSS
Exploits1References27
UbuntuCve
UbuntuCve
added 2026/03/31 9:16 a.m.5 views

CVE-2026-5201

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS7.2AI score0.01069EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/31 8:32 a.m.5 views

CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS6.1AI score0.01069EPSS
Exploits1References25
Rows per page
Query Builder