91 matches found
CVE-2026-56361
A flaw was found in ImageMagick. An attacker can exploit an off-by-one error in the morphology validation by providing incorrect morphology parameters. This can lead to out-of-bounds heap buffer reads and heap buffer overflow, potentially causing memory access violations. Mitigation To reduce...
DEBIAN-CVE-2026-41567
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...
UBUNTU-CVE-2026-41567
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...
CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host
Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...
GHSA-H64W-W9PR-82M4 ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag
Impact When parsing an image with an embedded ICC profile that contains a crafted multiLocalizedUnicodeType mluc tag, ExifReader can be made to allocate memory proportional to attacker-controlled fields in the tag rather than to the actual size of the input. Processing such an image causes...
CVE-2026-42146
A flaw was found in CImg Library. A remote attacker can exploit this vulnerability by providing a specially crafted BMP Bitmap image file. This occurs because the nbcolors field in the BMP file header is used directly to compute an allocation size without proper validation against the remaining...
Linux Distros Unpatched Vulnerability : CVE-2026-42144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadp...
DEBIAN-CVE-2026-42144
CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...
CVE-2026-42144
CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...
EUVD-2026-23026
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...
PT-2026-33129
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the zisofs process in ISO9660 image handling on 32-bit systems. An attacker can potentially execute arbitrary code by supplying a specially crafted ISO9660 image that triggers an integer overflow, leading to ...
CVE-2025-52638
HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...
CVE-2025-52638 Multiple security vulnerabilities affect HCL AION
HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...
CVE-2025-52638
CVE-2025-52638 affects HCL AION. The documented issue is that generated containers may execute binaries with root-level privileges, increasing risk when containers run with root privileges inside the container environment. Connected sources reiterate the same vulnerability description across mult...
CVE-2025-52638 Multiple security vulnerabilities affect HCL AION
HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...
CVE-2026-30929
A flaw was found in ImageMagick. Processing a specially crafted image with the MagnifyImage function can cause a stack-based buffer overflow and memory corruption, leading to a denial of service and potentially arbitrary code execution. Mitigation To reduce the risk of exploitation, avoid...
CVE-2026-28493
A flaw was found in ImageMagick. An integer overflow vulnerability exists in the SIXEL decoder, which allows a remote attacker to perform an out-of-bounds write via a specially crafted image. This can lead to a Denial of Service DoS and potentially information disclosure. Mitigation To mitigate...
CVE-2026-27798
A flaw was found in ImageMagick. A local user could exploit a heap buffer over-read vulnerability by processing a specially crafted image with small dimensions using the -wavelet-denoise operator. This vulnerability may lead to the disclosure of sensitive information. Mitigation To reduce exposur...
CVE-2026-25796
A flaw was found in ImageMagick, an open-source software for image manipulation. This vulnerability is a memory leak that occurs when processing certain image objects. An attacker can exploit this flaw to repeatedly trigger the memory leak, which can lead to a Denial of Service DoS by consuming...