Lucene search
K

91 matches found

RedhatCVE
RedhatCVE
added 13 hours ago5 views

CVE-2026-56361

A flaw was found in ImageMagick. An attacker can exploit an off-by-one error in the morphology validation by providing incorrect morphology parameters. This can lead to out-of-bounds heap buffer reads and heap buffer overflow, potentially causing memory access violations. Mitigation To reduce...

7.1CVSS6AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/06/05 2:17 a.m.9 views

DEBIAN-CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS6AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 2:17 a.m.5 views

UBUNTU-CVE-2026-41567

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.5CVSS6AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/05 12:35 a.m.51 views

CVE-2026-41567 Docker: `PUT /containers/{id}/archive` executes container binary on the host

Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves decompression binaries such as xz or unpigz fr...

7.2CVSS0.00153EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 5:58 p.m.8 views

GHSA-H64W-W9PR-82M4 ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag

Impact When parsing an image with an embedded ICC profile that contains a crafted multiLocalizedUnicodeType mluc tag, ExifReader can be made to allocate memory proportional to attacker-controlled fields in the tag rather than to the actual size of the input. Processing such an image causes...

8.7CVSS5.9AI score0.00528EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/08 11:18 a.m.8 views

CVE-2026-42146

A flaw was found in CImg Library. A remote attacker can exploit this vulnerability by providing a specially crafted BMP Bitmap image file. This occurs because the nbcolors field in the BMP file header is used directly to compute an allocation size without proper validation against the remaining...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-42144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadp...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/05/04 6:16 p.m.4 views

DEBIAN-CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:51 p.m.5 views

CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/15 9:30 p.m.6 views

EUVD-2026-23026

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33129

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/30 12:34 p.m.1 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the zisofs process in ISO9660 image handling on 32-bit systems. An attacker can potentially execute arbitrary code by supplying a specially crafted ISO9660 image that triggers an integer overflow, leading to ...

9.8CVSS6.3AI score0.01073EPSS
Exploits0References2
NVD
NVD
added 2026/03/16 2:17 p.m.5 views

CVE-2025-52638

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...

7.2CVSS0.00127EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 12:35 p.m.2 views

CVE-2025-52638 Multiple security vulnerabilities affect HCL AION

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...

5.6CVSS6AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 12:35 p.m.8 views

CVE-2025-52638

CVE-2025-52638 affects HCL AION. The documented issue is that generated containers may execute binaries with root-level privileges, increasing risk when containers run with root privileges inside the container environment. Connected sources reiterate the same vulnerability description across mult...

7.2CVSS6AI score0.00127EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/16 12:35 p.m.20 views

CVE-2025-52638 Multiple security vulnerabilities affect HCL AION

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...

5.6CVSS0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/10 6:48 p.m.5 views

CVE-2026-30929

A flaw was found in ImageMagick. Processing a specially crafted image with the MagnifyImage function can cause a stack-based buffer overflow and memory corruption, leading to a denial of service and potentially arbitrary code execution. Mitigation To reduce the risk of exploitation, avoid...

7.8CVSS6.3AI score0.00107EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/10 6:30 a.m.5 views

CVE-2026-28493

A flaw was found in ImageMagick. An integer overflow vulnerability exists in the SIXEL decoder, which allows a remote attacker to perform an out-of-bounds write via a specially crafted image. This can lead to a Denial of Service DoS and potentially information disclosure. Mitigation To mitigate...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/26 4:22 a.m.9 views

CVE-2026-27798

A flaw was found in ImageMagick. A local user could exploit a heap buffer over-read vulnerability by processing a specially crafted image with small dimensions using the -wavelet-denoise operator. This vulnerability may lead to the disclosure of sensitive information. Mitigation To reduce exposur...

7.1CVSS5.6AI score0.00137EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/24 5:17 a.m.6 views

CVE-2026-25796

A flaw was found in ImageMagick, an open-source software for image manipulation. This vulnerability is a memory leak that occurs when processing certain image objects. An attacker can exploit this flaw to repeatedly trigger the memory leak, which can lead to a Denial of Service DoS by consuming...

7.5CVSS5.5AI score0.00376EPSS
Exploits0References4
Rows per page
Query Builder