167 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fixed a null pointer dereference in loadvideobinaries. The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed by a dereference of mycs-yuvscalerbinary after the following call chai...
Astra Linux - уязвимость в libsdl1.2
It was discovered that SDL v1.2 contains a use-after-free issue due to the XFree function in the file /src/video/x11/SDLx11yuv.c...
Astra Linux - уязвимость в imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in the YUV sampling factor validation allowed an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading,...
OPENSUSE-SU-2026:20657-1 Security update for freerdp
This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...
CLSA-2026-1776180138 Fix of 12 CVEs
SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 SECURIT...
CLSA-2026-1776179155 Fix of 8 CVEs
SECURITY UPDATE: fix division by zero in YUV coder - debian/patches/CVE-2026-25799.patch: fix division by zero in YUV coder - CVE-2026-25799 SECURITY UPDATE: fix NULL pointer dereference in SFW coder - debian/patches/CVE-2026-25795.patch: fix NULL pointer dereference in SFW coder - CVE-2026-25795...
CLSA-2026-1776167812 ImageMagick: Fix of 5 CVEs
CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...
Medium: freerdp
Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In...
CLSA-2026-1775669370 ImageMagick: Fix of CVE-2026-25986
CVE-2026-25986: heap buffer overflow write in YUV decoder when image dimensions are not properly validated...
CLSA-2026-1775670018 ImageMagick: Fix of CVE-2026-25986
CVE-2026-25986: heap buffer overflow write in YUV decoder when image dimensions are not properly validated...
Medium: freerdp
Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In...
Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1520)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1520 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due...
SUSE CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
UBUNTU-CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
EUVD-2026-17233
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
CVE-2026-33986 FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
USN-8127-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2026-23952 It was discovered that ImageMagick did not properly handle temporary...
USN-8127-1 imagemagick vulnerabilities
It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2026-23952 It was discovered that ImageMagick did not properly handle temporary...