ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder

In MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. ================================================================= ==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ReadMATImage function in mat.c, which mistakenly uses 32-bit arithmetic. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Release Credit: ylwango613...

EUVD-2026-10387

ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder...

CVE-2026-28692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

UBUNTU-CVE-2026-28692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

PT-2026-24631

In MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. ================================================================= ==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp...

CVE-2026-28692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

CVE-2026-28692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

📄 Jinja 2 1.4.0 Tactical RMM SSTI Detection

This proof of concept script detects potential server-side template injection vulnerabilities in web applications using template engines such as Jinja. The script sends a dynamically generated mathematical expression within a template payload to a target URL parameter. If the server evaluates the...

USN-8076-1 qtbase-opensource-src vulnerabilities

It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...

Adobe SDK 1.7.1 2410 Overflow Analysis / Fuzzing Model

This Python script implements a comprehensive framework to model, detect, and analyze integer overflows in 32-bit arithmetic, particularly in the context of image memory allocation. The framework combines formal methods, stepwise arithmetic, symbolic execution, SMT-style constraint solving,...

📄 PJSIP PJMEDIA H.264 Denial of Service

A logic validation flaw was identified in the H.264 packetization routine within the PJMEDIA component of PJSIP. Specifically, insufficient validation of FU-A Fragmentation Unit – Type A state handling in pjmediah264packetize may allow malformed RTP payloads to trigger unsafe pointer arithmetic...

BIT-MOODLE-2025-67850 Moodle: moodle: cross-site scripting vulnerability via inadequate input filtering in formula editor

A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...

📄 Samsung Quram DNG Heap Corruption

Samsung devices utilize Quram's DNG decoder. A malformed ScalePerColumn opcode with oversized areaSpec and extreme pitches leads to arithmetic overflow in the per-column scaling loop. After allocation miscalculation, subsequent writes corrupt heap structures. Carefully crafted payloads enable...

UBUNTU-CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

EUVD-2026-5475

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

CVE-2026-23069

CVE-2026-23069 (Linux kernel) : In vsock/virtio, the credit calculation in virtio_transport_get_credit() can underflow when the peer’s advertised buffer (peer_buf_alloc) shrinks while data is in flight, potentially allowing more data to be queued than the peer can handle. The issue arises from un...

Linux Distros Unpatched Vulnerability : CVE-2025-67850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an arithmetic underflow, potentially leading to excessive data queues...