32 matches found

FreeBSD
added 2026/06/12 12:0 a.m., 5 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports: Multiple security issues were identified and fixed in the GStreamer framework. GStreamer-SA-2026-0030: Missing bounds checks in RTCP SDES packet parsing GStreamer-SA-2026-0031: Integer overflow and truncation in MXF demuxer GStreamer-SA-2026-0032: Out-of-bounds read...

CVSS 8.8, AI score 5.9, EPSS 0.00489
Exploits: 0, References: 17
Vulnrichment
added 2026/06/10 9:30 p.m., 7 views

CVE-2026-46522 ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

CVSS 7.5, AI score 5.4, EPSS 0.01849
Exploits: 2, References: 1
EUVD
added 2026/05/26 12:0 a.m., 10 views

EUVD-2026-31844

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

CVSS 7.5, AI score 5.9, EPSS 0.00283
Exploits: 0, References: 3
NVD
added 2026/05/19 8:16 p.m., 23 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

CVSS 8.8, EPSS 0.00514
Exploits: 1, References: 5
Tenable Nessus
added 2026/04/29 12:0 a.m., 5 views

TencentOS Server 2: ImageMagick (TSSA-2026:0256)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0256 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVSS 8.1, AI score 5.8, EPSS 0.00353
Exploits: 0, References: 3
SUSE Linux
added 2026/04/20 4:15 p.m., 5 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in the morphology...

CVSS 8.8, AI score 6, EPSS 0.00475
Exploits: 0, References: 84
OpenVAS
added 2026/04/14 12:0 a.m., 4 views

Slackware: Security Advisory (SSA:2026-103-01)

The remote host is missing an update for the...

AI score 5.8
Exploits: 0, References: 2
Vulnrichment
added 2026/04/13 9:43 p.m., 3 views

CVE-2026-40312 ImageMagick: Off-by-One in MSL decoder could result in crash

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off-by-one error in the MSL decoder could result in a crash when a malicious MSL file is read. This issue has been fixed in version 7.1.2-19...

CVSS 6.2, AI score 5.7, EPSS 0.00177
Exploits: 0, References: 4
AlpineLinux
added 2026/04/06 9:44 p.m., 3 views

CVE-2026-35444

SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...

CVSS 7.1, AI score 5.7, EPSS 0.00262
Exploits: 0, References: 1
OSV
added 2026/04/02 9:51 a.m., 6 views

CLSA-2026-1775121601 ImageMagick: Fix of 7 CVEs

CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDoubleToLong - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...

CVSS 8.1, AI score 6, EPSS 0.00594
Exploits: 0, References: 1
EUVD
added 2026/03/09 9:40 p.m., 2 views

EUVD-2026-10386

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

CVSS 7.5, AI score 5.8, EPSS 0.00353
Exploits: 0, References: 1
Tenable Nessus
added 2026/02/04 12:0 a.m., 5 views

SUSE SLES16 Security Update : jasper (SUSE-SU-2026:20200-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20200-1 advisory. Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set...

CVSS 7.8, AI score 5, EPSS 0.00205
Exploits: 3, References: 10
Tenable Nessus
added 2025/11/20 12:0 a.m., 4 views

Google Chrome < 3.30.33.15 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 3.30.33.15. It is, therefore, affected by multiple vulnerabilities as referenced in the 201501stable-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a...

CVSS 7.5, AI score 7.6, EPSS 0.04339
Exploits: 0, References: 48
OSV
added 2025/09/22 2:10 p.m., 3 views

SUSE-SU-2025:03294-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to version 4.2.13. Security issues fixed: - CVE-2025-9817: SSH dissector crash due to NULL pointer dereference when processing malformed packet traces bsc1249090. Non-security issues fixed: - Bug in UDS dissector with Service...

CVSS 7.8, AI score 5.8, EPSS 0.00194
Exploits: 1, References: 3
OSV
added 2025/08/11 5:25 p.m., 5 views

GO-2025-3845 Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber

Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber...

CVSS 8.7, AI score 7, EPSS 0.00331
Exploits: 0, References: 2
OSV
added 2023/12/04 4:15 a.m., 3 views

CVE-2023-32851

In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652...

CVSS 7.8, AI score 5.9
Exploits: 0, References: 1
SUSE CVE
added 2023/02/15 5:26 a.m., 4 views

SUSE CVE-2014-7937

Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...

CVSS 7.5, AI score 9.6, EPSS 0.0183
Exploits: 0, References: 4
CNNVD
added 2022/08/22 12:0 a.m., 4 views

XPDF Input Validation Error Vulnerability

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF versions prior to 4.04, which stems from the JBIG2Stream::readSymbolDictSeg function in the JBIG2Stream.cc compone...

CVSS 7.8, AI score 7.5, EPSS 0.75994
Exploits: 2, References: 10
OSV
added 2021/03/11 12:15 a.m., 2 views

DEBIAN-CVE-2021-27918

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method...

CVSS 7.5, AI score 7.5, EPSS 0.02543
Exploits: 0, References: 1
RedHat Linux
added 2020/11/04 1:25 a.m., 4 views

freerdp: out of bound read in rfx_process_message_tileset

In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen as colors. This has been patched in 2.1.0...

CVSS 5, AI score 5.7, EPSS 0.01907
Exploits: 0, References: 4