41 matches found
PT-2026-48566
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.13-48; ImageMagick versions prior to 7.1.2-24. Description: A missing check in the DCM decoder can result in an image with invalid dimensions, which may cause crashes during other operations. Recommendations: Upda...
RHEL 10 : freerdp (RHSA-2026:20605)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20605 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to...
SUSE-SU-2026:2023-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images (bsc#1259528). CVE-2026-42050: Stack buffer overflow in XTileImage (bsc#1265048)...
Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3288 (ALAS-2026-3288)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3288 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both...
CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function start_decoder of the file stb_vorbis.c. The manipulation results in an out-of-bounds write. The attack may be performed remotely. The exploit has been released to the public and may be used for attacks. The...
CVE-2026-5190 AWS C Event Stream Streaming Decoder Stack Buffer Overflow
Out-of-bounds write in the streaming decoder component in aws-c-event-stream before 0.6.0 might allow a third party operating a server to cause memory corruption leading to arbitrary code execution on a client application that processes crafted event-stream messages. To remediate this issue, user...
CVE-2026-28687
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerabilit...
Amazon Linux 2023 : firefox (ALAS2023-2026-1469)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1469 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area...
Linux Distros Unpatched Vulnerability : CVE-2026-1725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have, under certain conditions, allowed an unauthenticated...
Security update for libjxl
This update for libjxl fixes the following issues: CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory (bsc#1258090). CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated memor...
SUSE-SU-2026:0648-1 Security update for libjxl
This update for libjxl fixes the following issues: CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory (bsc#1258090). CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated...
CVE-2026-26284
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains a function that has an incorrect...
PT-2026-3838
Name of the Vulnerable Software and Affected Versions: ollama version 0.12.10. Description: An issue in ollama version 0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder. Recommendations: At the moment, there is no information about a newer version that contains a fix...
MiracleLinux 9 : freerdp-2.4.1-5.el9 (AXSA:2023-5536:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5536:02 advisory. freerdp: clients using /parallel command line switch might read uninitialized data (CVE-2022-39282). freerdp: clients using the /video command line...
MiracleLinux 7 : tigervnc-1.8.0-21.el7 (AXSA:2020-559:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-559:04 advisory. tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder (CVE-2019-15691). tigervnc: Heap buffer overflow triggered from...
PT-2026-24131
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-16; ImageMagick versions prior to 6.9.13-41. Description: ImageMagick is software used for editing and manipulating digital images. A heap over-read issue exists in the MAT decoder due to incorrect...
PYSEC-2025-90
cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...
openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). CVE-2025-57807:...
EUVD-2017-2373
Malware in sbrugna...
EUVD-2016-9235
Malware in sbrugna...