
661 matches found

Debian CVE
added yesterday, 8 views

CVE-2026-47262

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2 contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.3 CVSS, 5.7 AI score
Exploits: 0

RedHat Linux
added 3 days ago, 7 views

Important: Red Hat Security Advisory: ImageMagick security update

An update for ImageMagick is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...

7.5 CVSS, 6.3 AI score, 0.01849 EPSS
Exploits: 2, References: 10

Cvelist
added 2026/06/24 11:53 a.m., 32 views

CVE-2026-56368 ImageMagick - Memory Leak in Raw Pixel Data Coders

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...

6.3 CVSS, 0.0026 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/06/24 11:53 a.m., 12 views

CVE-2026-56368

ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...

7.5 CVSS, 5.8 AI score, 0.0026 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2026/06/24 12:00 a.m., 25 views

Containerd 1.7.x < 1.7.33 / 2.0.x < 2.0.10 / 2.1.x < 2.1.9 / 2.2.x < 2.2.5 / 2.3.x < 2.3.2 Multiple Vulnerabilities

The version of Containerd on the remote host is 1.7.x prior to 1.7.33, 2.0.x prior to 2.0.10, 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.5, or 2.3.x prior to 2.3.2. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in containerd allows a maliciously crafted image to cause a...

9.4 CVSS, 6 AI score, 0.00229 EPSS
Exploits: 0, References: 4

NVD
added 2026/06/23 1:16 p.m., 12 views

CVE-2026-56376

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...

6.3 CVSS, 0.00184 EPSS
Exploits: 0, References: 2

Cvelist
added 2026/06/23 12:13 p.m., 35 views

CVE-2026-56376 ImageMagick - Heap Use-After-Free in Meta Coder

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...

6.3 CVSS, 0.00184 EPSS
Exploits: 0, References: 2

EUVD
added 2026/06/23 12:13 p.m., 7 views

EUVD-2026-38440

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...

6.3 CVSS, 5.9 AI score, 0.00184 EPSS
Exploits: 0, References: 2

CVE
added 2026/06/23 12:13 p.m., 8 views

CVE-2026-56376

Affected software: ImageMagick prior to 7.1.2-15 and 6.9.13-40. Vulnerability: heap use-after-free in the meta coder where, on memory allocation failure, a single byte is written to a stale pointer. Impact: remote attackers can trigger via specially crafted image files, causing a denial of servic...

6.3 CVSS, 5.9 AI score, 0.00184 EPSS
Exploits: 0, References: 2, Affected Software: 1

Positive Technologies
added 2026/06/23 12:00 a.m., 15 views

PT-2026-51513

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-15; ImageMagick versions prior to 6.9.13-40. Description: A heap use-after-free exists in the meta coder. This occurs when memory allocation fails and a single byte is written to a stale pointer. Remote attacke...

6.3 CVSS, 5.8 AI score, 0.00184 EPSS
Exploits: 0, References: 78

Cvelist
added 2026/06/22 11:48 p.m., 36 views

CVE-2026-10645 fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

4.9 CVSS, 0.00205 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2026/06/20 12:00 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2026-55392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid function fails to validate s_log_block_size field in NILFS2 superblock before bit-shift...

6.7 CVSS, 5.9 AI score, 0.00105 EPSS
Exploits: 0, References: 3

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in exiv2

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying metadata of image files. A heap buffer overflow has been discovered in Exiv2 versions v0.27.3 and earlier. The heap overflow occurs when Exiv2 is used to write metadata into a specially crafted image fil...

7.8 CVSS, 6.8 AI score, 0.02152 EPSS
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Avoid infinite loops due to incomplete zstd-compressed data. Currently, the decompression logic incorrectly processes compressed data if the data is truncated in crafted (deliberately corrupted) images...

5.9 AI score, 0.00166 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Containerd

Containerd is a container runtime. A bug was discovered in containerd versions prior to 1.4.8 and 1.5.4, where pulling and extracting a specially crafted container image could result in changes to Unix file permissions for existing files in the host’s filesystem. Changes to file permissions could...

6.8 CVSS, 6.3 AI score, 0.01608 EPSS
Exploits: 2, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12. In these versions, a division by zero in the WaveImage function of MagickCore/visual-effects.c could lead to undefined behavior when a malicious image file was submitted to an application that used ImageMagick...

7.8 CVSS, 6.8 AI score, 0.02315 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: erofs: Proper handling of overlapping pclusters from crafted images. syzbot reported a task hanging issue due to a deadlock situation where it was waiting for the folio lock of a cached folio that would be used for cache I/Os...

5.5 CVSS, 6 AI score, 0.0018 EPSS
Exploits: 0, References: 2

EUVD
added 2026/06/18 6:00 p.m., 9 views

EUVD-2026-37927

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfs_sb_is_valid function fails to validate s_log_block_size field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7 CVSS, 5.2 AI score, 0.00105 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2026/06/18 12:00 a.m., 11 views

PT-2026-50777

Name of the Vulnerable Software and Affected Versions: NILFS utilities versions prior to 2.3.1. Description: The nilfs_sb_is_valid function fails to validate the s_log_block_size field in the NILFS2 superblock before performing bit-shift operations. An attacker can provide crafted NILFS2 images to...

6.7 CVSS, 5.9 AI score, 0.00105 EPSS
Exploits: 0, References: 5

ATTACKERKB
added 2026/06/16 4:50 p.m., 2 views

CVE-2026-4367

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM (X PixMap) image file. This improper validation of file boundaries can cause an internal pointer to read...

5.5 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 6