3497 matches found
CVE-2026-47262
A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...
CVE-2026-55577
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...
CVE-2026-47262
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...
CVE-2026-47262
CVE-2026-47262 affects containerd where a maliciously crafted image can trigger a Denial of Service by exhausting memory during container creation, causing an Out-Of-Memory (OOM) kill of the containerd process and making the runtime API unavailable (impacting clients like Docker Engine and Kubern...
ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...
CVE-2026-46601
A flaw was found in the golang.org/x/image/webp library's WebP decoder. A remote attacker could exploit this vulnerability by providing a specially crafted WebP image containing a VP8 chunk with mismatched dimensions. This could cause the decoder to panic, leading to a denial of service DoS for...
SUSE SLES15: GraphicsMagick / GraphicsMagick-devel / libGraphicsMagick++-Q16-12 / etc (SUSE-SU-2026:2625-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2625-1 advisory. This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Tenable has extracte...
EUVD-2026-36180
ImageMagick has an Infinite Loop in subimage-search with crafted image...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in the ClonePixelCacheRepository function allowed a remote attacker to cause a denial of service by providing a crafted image file,...
SUSE-SU-2026:2625-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A out-of-bounds read vulnerability was discovered in Exiv2 versions v0.27.3 and earlier. This vulnerability occurs when Exiv2 is used to write metadata into a specially craft...
Astra Linux – Vulnerability in DjVuLibre
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by an infinite loop in GBitmap::readrleraw by creating a corrupted image file, which is related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...
Astra Linux – Vulnerability in exiv2
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A assertion failure occurs when Exiv2 is used to modify the metadata of a specially crafted image file. An attacker could potentially exploit this vulnerability to cause a...
Astra Linux – Vulnerability in TIF format
The "Divide By Zero" error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile libtiff from source code, the fix is available in the commit f3a5e010...
Astra Linux – Vulnerability in exiv2
In Exiv2 versions 0.27.1, an uncontrolled memory allocation for PngChunk::parseChunkContent allows an attacker to cause a denial of service crash due to a std::badalloc exception through a crafted PNG image file...
Astra Linux – Vulnerability in Pandoc
Pandoc is a Haskell library for converting between different markup formats, as well as a command-line tool that utilizes this library. Starting from version 1.13 and before version 3.1.4, Pandoc was vulnerable to a file-write vulnerability. This vulnerability could be exploited by including a...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26 and earlier versions, the PngChunk::readRawProfile method in pngchunkint.cpp may cause a denial of service application crashes due to a heap-based buffer overflow from reading a malicious PNG file...
Astra Linux – Vulnerability in libjpeg-turbo
Libjpeg-turbo 1.5.2 has a NULL Pointer Dereference issue in files jdpostct.c and jquant1.c, due to a malicious JPEG file...
Astra Linux – Vulnerability in Tiff
A memory leak flaw was discovered in Libtiff’s tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to deliver a crafted TIFF image file to the tiffcrop utility, which causes this memory leak issue. As a result, the application crashes, potentially...