Lucene search
K

875 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in exiv2

In Exiv2 versions 0.27.1, an uncontrolled memory allocation for PngChunk::parseChunkContent allows an attacker to cause a denial of service crash due to a std::badalloc exception through a crafted PNG image file...

6.5CVSS6.4AI score0.01981EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libjpeg-turbo

Libjpeg-turbo 1.5.2 has a NULL Pointer Dereference issue in files jdpostct.c and jquant1.c, due to a malicious JPEG file...

6.5CVSS6.4AI score0.02365EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...

6.7CVSS6.4AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Tiff

A memory leak flaw was discovered in Libtiff’s tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to deliver a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue. As a result, the application crashes, potentially...

5.5CVSS6.8AI score0.00341EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/16 4:50 p.m.6 views

CVE-2026-4367

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

5.5CVSS4.7AI score0.00129EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49335

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.0028EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

Autodesk 3ds Max 缓冲区错误漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. Autodesk 3ds Max has a buffer error vulnerability, which arises from the possibility of out-of-bounds writing during the parsing of specially crafted TIF files. Malicious actors may exploit this...

7.8CVSS6.3AI score0.00166EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 12:0 a.m.8 views

ALSA-2026:19359 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.15 views

PT-2026-41064

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An out of bounds read in the Media component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using ...

8.8CVSS5.8AI score0.00498EPSS
Exploits0References84
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017634 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2...

6.5CVSS6.6AI score0.01571EPSS
Exploits0References4
OSV
OSV
added 2026/05/11 12:0 a.m.7 views

ALSA-2026:15887 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/07 4:41 a.m.8 views

LibRaw: LibRaw: Arbitrary code execution via specially crafted image file

A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a heap-based buffer overflow, exists within the x3fthumbloader functionality. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious file. Successful...

9.8CVSS6.4AI score0.00645EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/06 4:52 p.m.8 views

LibRaw: LibRaw: Arbitrary code execution via specially crafted image file

A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a heap-based buffer overflow, exists within the x3fthumbloader functionality. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious file. Successful...

9.8CVSS6.4AI score0.00645EPSS
Exploits1References5
Rockylinux
Rockylinux
added 2026/05/06 6:0 a.m.11 views

LibRaw security update

An update is available for LibRaw. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibRaw is a library for reading RAW files obtained from digital photo cameras...

9.8CVSS6.6AI score0.00746EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2026/05/04 1:51 a.m.7 views

LibRaw: LibRaw: Arbitrary code execution via specially crafted image file

A flaw was found in LibRaw, a library used for processing raw image files. This vulnerability, a heap-based buffer overflow, exists within the x3fthumbloader functionality. A remote attacker could exploit this by tricking a user into opening a specially crafted malicious file. Successful...

9.8CVSS6.4AI score0.00645EPSS
Exploits1References5
AlmaLinux
AlmaLinux
added 2026/05/04 12:0 a.m.9 views

Important: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw: Memory Corruption via Malicious File Processing CVE-2026-24660 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG...

9.8CVSS6.3AI score0.00746EPSS
Exploits3References8
RedhatCVE
RedhatCVE
added 2026/04/22 10:17 a.m.6 views

CVE-2026-40250

A flaw was found in OpenEXR, a library for the EXR image file format. An integer overflow vulnerability exists in the internaldwacompressor.h component during the calculation of image channel dimensions. This issue, caused by insufficient handling of int32 arithmetic, could allow a local attacker...

8.4CVSS5.8AI score0.0045EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/20 4:1 a.m.6 views

openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An attacker can craft a malicious EXR file that, when processed, causes an integer overflow in the CompositeDeepScanLine::readPixels function. This overflow leads to an undersized buffer allocation, whic...

8.4CVSS6.5AI score0.00201EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.7 views

PT-2026-33128

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer over-read occurs in the icns slurp function when processing specially crafted ICNS image files. This can lead to application crashes or information disclosure. Recommendations At t...

7.1CVSS6.1AI score0.00167EPSS
Exploits0References23
Snyk
Snyk
added 2026/04/03 9:50 p.m.3 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the undopxr24impl function. An attacker can access sensitive heap memory contents by submitting a specially crafted EXR file that triggers the decoder to read uninitialized memory and include it in the...

8.7CVSS5.9AI score0.00482EPSS
Exploits1References2
Rows per page
Query Builder