aws-c-event-stream 安全漏洞

aws-c-event-stream is a C language implementation library for the event stream protocol, open-sourced by Amazon Web Services - Labs. Versions of aws-c-event-stream prior to 0.6.0 contain security vulnerabilities. These vulnerabilities stem from out-of-bounds writing in the stream decoder componen...

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference bsc1259455. CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write bsc1259467. Patch...

CVE-2025-69693

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...

GHSA-WJ8W-PJXF-9G4F ImageMagick has uninitialized pointer dereference in JBIG decoder

An uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the MSL decoder. An attacker can cause the application to access freed memory by submitting a malicious MSL file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit...

Use After Free

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Use After Free

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

GHSA-FPVF-FRM6-625Q ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder

A heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. ================================================================= ==1500633==ERROR: AddressSanitizer: heap-use-after-free on address 0x527000011550 at pc...

DEBIAN-CVE-2026-28687

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerabilit...

UBUNTU-CVE-2026-28687

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerabilit...

UBUNTU-CVE-2026-28691

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41 contained a buffer error vulnerability. This vulnerability stemmed from the MAT...

CVE-2026-28691

CVE-2026-28691 affects ImageMagick’s JBIG decoder, where an uninitialized pointer dereference exists due to a missing check. Affects versions prior to the fixed releases 7.1.2-16 and 6.9.13-41. The vulnerability can lead to an availability impact (DoS) with network-based attack, with no required ...

CVE-2026-28687 ImageMagick has a Heap Use-After-Free in ImageMagick MSL decoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file. This vulnerabilit...

OESA-2026-1502 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

Use After Free

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the PDB decoder when a memory allocation fails, leading to the use of a stale pointer. An attacker can cause a crash or trigger a single zero byte write by providing specially crafted input files. Remediation A fix was...

Use After Free

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...