Lucene search
K

3517 matches found

RedHat Linux
RedHat Linux
added 6 hours ago5 views

podman: Podman: Information disclosure via malicious container image environment variables

A flaw was found in Podman, a tool for managing OCI containers and pods. A malicious container image can be crafted with an environment variable that has a key but no value, or an asterisk , to trick Podman. This vulnerability causes Podman to pass host environment variables into the container...

7.5CVSS6AI score0.0026EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 10 hours ago4 views

OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An integer overflow vulnerability exists in the ImageChannel::resize function, which can be triggered when processing a specially crafted OpenEXR image file through the OpenEXRUtil public API. This can...

8.8CVSS6.2AI score0.00355EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-61465

A flaw was found in ImageMagick. This vulnerability occurs because ImageMagick is missing a check for the allowed memory allocation limit during certain image processing operations, such as when using the -canny function. A remote attacker could provide a specially crafted image, causing the...

5.5CVSS6.1AI score0.00105EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-55781 NanaZip: Unbounded memory allocation (DoS) in NanaZip UFS parser via unvalidated fs_bsize/fs_fsize superblock fields

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fsfsize fragment size, allowin...

2.4CVSS0.00112EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-56397

Name of the Vulnerable Software and Affected Versions Imager versions prior to 1.033 Description Imager for Perl incorrectly treats unsigned EXIF IFD Image File Directory entry counts as signed. When processing large entry count values, the software interprets them as negative numbers, which can...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 6 days ago10 views

Linux Distros Unpatched Vulnerability : CVE-2026-59089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Tab...

5.5CVSS6.1AI score0.00208EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-59089

A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...

5.5CVSS6AI score0.00208EPSS
Exploits1References4
EUVD
EUVD
added last week4 views

EUVD-2026-41913

A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...

5.5CVSS6AI score0.00208EPSS
Exploits1References3
CVE
CVE
added last week17 views

CVE-2026-59089

GIMP contains a vulnerability in its PlayStation TIM loader: the CLUT size is computed by multiplying two 16-bit unsigned values (num_colors and num_cluts), which can overflow and exceed integer limits. This overflow triggers undefined behavior that causes the GIMP plug-in to abort when processin...

5.5CVSS6AI score0.00208EPSS
Exploits1References3Affected Software2
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-59089

A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...

5.5CVSS6AI score0.00208EPSS
Exploits1References4
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2834 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-55982

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description The PlayStation TIM loader, which handles PlayStation image files, contains an integer overflow when calculating the size of the Color Look-Up Table CLUT. This occurs during the multiplication o...

5.5CVSS6.1AI score0.00208EPSS
Exploits1References7
NVD
NVD
added 2026/07/03 7:16 p.m.9 views

CVE-2026-58379

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS0.00233EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55578

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/07/02 12:47 p.m.6 views

CVE-2026-47262

A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References4
OSV
OSV
added 2026/07/02 6:58 a.m.3 views

OPENSUSE-SU-2026:21207-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...

7.5CVSS5.9AI score0.00301EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 7:16 p.m.6 views

CVE-2026-55577

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

5.9CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 7:16 p.m.8 views

CVE-2026-47262

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.5CVSS0.00317EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 5:48 p.m.90 views

CVE-2026-47262

CVE-2026-47262 affects containerd where a maliciously crafted image can trigger a Denial of Service by exhausting memory during container creation, causing an Out-Of-Memory (OOM) kill of the containerd process and making the runtime API unavailable (impacting clients like Docker Engine and Kubern...

5.5CVSS5.7AI score0.00317EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder