Lucene search
K

1216 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/18 1:41 a.m.4 views

CVE-2026-40493

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS6.1AI score0.00367EPSS
Exploits0References3
CVE
CVE
added 2026/04/18 1:41 a.m.23 views

CVE-2026-40493

SAIL PSD decoder in LAB mode (3 channels, 16-bit depth) suffers a heap buffer overflow due to a bpp mismatch: bytes-per-pixel is computed as (channelsdepth) but the allocated buffer uses the resolved pixel format (BPP40_CIE_LAB yields 5 bytes/pixel while 3 16 would imply 6). This causes every pix...

9.8CVSS6.1AI score0.00367EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/18 1:41 a.m.5 views

CVE-2026-40493 SAIL has heap buffer overflow in PSD decoder — bpp mismatch in LAB 16-bit mode

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel bpp from raw header fields channels depth, but the pixel buffer is allocated base...

9.8CVSS6.1AI score0.00367EPSS
Exploits0References2
CVE
CVE
added 2026/04/18 1:39 a.m.25 views

CVE-2026-40492

SAIL’s CVE-2026-40492 describes a heap buffer overflow in the XWD decoder caused by a mismatch: when pixmap_depth=8, the code uses bits_per_pixel=32 for byte-swapping, leading to memory access beyond the 1-byte/pixel buffer. The issue affects versions prior to the patch 36aa5c7ec8a2bb35f6fb867a11...

9.8CVSS6AI score0.00332EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/18 1:39 a.m.5 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS5.6AI score0.00332EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/18 1:39 a.m.3 views

CVE-2026-40492

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS6AI score0.00397EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/18 1:39 a.m.6 views

EUVD-2026-23644

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS6AI score0.00397EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/18 1:39 a.m.36 views

CVE-2026-40492 SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confusion in byte-swap

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS0.00332EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/18 1:39 a.m.6 views

CVE-2026-40492 SAIL has heap buffer overflow in XWD decoder — bits_per_pixel vs pixmap_depth type confusion in byte-swap

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...

9.8CVSS6AI score0.00332EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.25 views

PT-2026-33585

Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02 Description The XWD codec resolves pixel format based on the pixmap depth variable, but the byte-swap code independently uses bits per pixel. When pixmap depth is 8 BPP8...

9.8CVSS6AI score0.00332EPSS
Exploits0References7
Rapid7 Blog
Rapid7 Blog
added 2026/04/17 8:35 p.m.11 views

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On th...

9.8CVSS6.5AI score0.05648EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010667 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007523 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is...

5.5CVSS6.2AI score0.00218EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/15 9:30 p.m.5 views

EUVD-2026-23022

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

5CVSS6AI score0.0021EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/15 8:16 p.m.6 views

CVE-2026-40916

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

5.5CVSS5.9AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/04/15 8:16 p.m.2 views

UBUNTU-CVE-2026-40916

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

5.5CVSS5.9AI score0.0021EPSS
Exploits0References3
Metasploit
Metasploit
added 2026/04/15 7:2 p.m.385 views

Windows Persistence Bits Job

This module establishes persistence through a BITS job that downloads and executes a payload. Background Intelligent Transfer Service BITS is a Windows service for transferring files in the background using idle network bandwidth. BITS jobs are persistent and will resume across reboots until...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 2026/04/15 6:58 p.m.4 views

CVE-2026-40916

A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...

5.5CVSS5.6AI score0.0021EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.9 views

GIMP 安全漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability, which stems from a stack buffer overflow in the 4BPP decoding path of the TIM image loader. This vulnerability may cause denial-of-service attacks when opening specially crafted TIM image fil...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/13 3:0 a.m.6 views

undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter

A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid servermaxwindowbits parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate,...

7.5CVSS7.1AI score0.00874EPSS
Exploits0References9
Rows per page
Query Builder