3487 matches found
CVE-2026-53461
A flaw was found in ImageMagick. An incorrect loop in the ICON decoder can lead to an out-of-bounds heap write. This vulnerability allows a remote attacker to cause a denial of service DoS by providing a specially crafted image file, leading to a system crash. Mitigation Red Hat is not aware of a...
ImageMagick 7.x < 7.1.2-25 Multiple Vulnerabilities
The remote host has a version of ImageMagick 7.x installed that is prior to 7.1.2-25. It is, therefore, affected by multiple vulnerabilities: - A memory corruption vulnerability can result in a denial of service condition. CVE-2026-53465 - A denial of service vulnerability exists that can be...
CVE-2026-4367
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
CVE-2026-4367
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
DEBIAN-CVE-2026-52719
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
PT-2026-49335
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check
NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...
CVE-2026-47224
Summary: CVE-2026-47224 affects NanaZip on Windows: a heap buffer-overflow read in the LVM2 physical-volume metadata parser (via the upstream 7-Zip LvmHandler) can be triggered by opening a crafted LVM disk image. Affected are NanaZip versions 3.0.1000.0 through 6.0.1697.999; the issue is fixed i...
SUSE CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image...
CVE-2026-48733
A flaw was found in ImageMagick. A remote attacker could exploit an infinite loop vulnerability in the subimage-search operation by providing a specially crafted image. This could lead to a Denial of Service DoS condition, making the affected system or application unresponsive...
CVE-2026-48724
A flaw was found in ImageMagick. When processing a specially crafted image that uses a mask with the Floyd-Steinberg dithering method, a negative heap buffer overwrite can occur. This vulnerability could allow an attacker to cause a denial of service DoS by crashing the application...
CVE-2026-46521
A flaw was found in ImageMagick. When processing an image with LZMA compression in the MIFF encoder, a missing check can lead to an out-of-bounds write. This vulnerability could allow an attacker to cause a denial of service DoS by providing a specially crafted image file, leading to application...
CVE-2026-46523
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...
DEBIAN-CVE-2026-48733
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...
Infinite loop
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Infinite loop
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Infinite loop
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Infinite loop
Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Infinite loop
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Infinite loop
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...