3508 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-59089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Tab...
CVE-2026-59089
GIMP contains a vulnerability in its PlayStation TIM loader: the CLUT size is computed by multiplying two 16-bit unsigned values (num_colors and num_cluts), which can overflow and exceed integer limits. This overflow triggers undefined behavior that causes the GIMP plug-in to abort when processin...
CVE-2026-59089
A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...
EUVD-2026-41913
A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...
CVE-2026-59089
A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table CLUT due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting i...
OESA-2026-2834 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
CVE-2026-58379
A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...
CVE-2026-47262
A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...
OPENSUSE-SU-2026:21207-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...
CVE-2026-55577
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...
CVE-2026-47262
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...
CVE-2026-47262
CVE-2026-47262 affects containerd where a maliciously crafted image can trigger a Denial of Service by exhausting memory during container creation, causing an Out-Of-Memory (OOM) kill of the containerd process and making the runtime API unavailable (impacting clients like Docker Engine and Kubern...
ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. A remote attacker could exploit this vulnerability by providing a specially crafted MSL Magick Scripting Language image. Processing this malicious image could trigger a...
CVE-2026-46601
A flaw was found in the golang.org/x/image/webp library's WebP decoder. A remote attacker could exploit this vulnerability by providing a specially crafted WebP image containing a VP8 chunk with mismatched dimensions. This could cause the decoder to panic, leading to a denial of service DoS for...
GHSA-73HR-M85F-64V9 Incus has an arbitrary file write on host via `exec-output` symlink in crafted image
Summary The record-output parameter of the /instances/$name/exec endpoint stores the output of the command in the exec-output directory of the instance. If exec-output is a symlink, file named execUUID.stdout and execUUID.stderr can be written to an arbitrary location where the .stdout file will...
SUSE SLES15: GraphicsMagick / GraphicsMagick-devel / libGraphicsMagick++-Q16-12 / etc (SUSE-SU-2026:2625-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2625-1 advisory. This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Tenable has extracte...
GHSA-5V62-8FQ6-CP9M ImageMagick has an Infinite Loop in subimage-search with crafted image
An infinite loop in the subimage-search operation can happen when using a crafted image...
EUVD-2026-36180
ImageMagick has an Infinite Loop in subimage-search with crafted image...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in the ClonePixelCacheRepository function allowed a remote attacker to cause a denial of service by providing a crafted image file,...
SUSE-SU-2026:2625-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125...