6484 matches found
ImageMagick has out-of-bounds write in ICON decoder due to incorrect loop
An incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash...
ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions
A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...
GHSA-8PJ9-6897-74XC ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions
A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...
EUVD-2026-36184
ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions...
GHSA-4V89-6MGQ-6RGC ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems
A missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems...
EUVD-2026-36183
ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems...
DEBIAN-CVE-2026-46602
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...
DEBIAN-CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46601 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46602 Lack of limit on tile sizes in x/image/tiff in golang.org/x/image
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...
EUVD-2026-39550
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46602
The CVE-2026-46602 issue affects the TIFF decoder in golang.org/x/image: it does not enforce a limit on tile sizes in tiled TIFF images, which can lead to unbounded memory consumption when processing a malicious or corrupted image with a very large tile. This is stated across multiple sources in ...
CVE-2026-46601
The CVE refers to a panic in the golang.org/x/image webp decoder when processing a VP8 chunk whose alpha channel size does not match the canvas size. Affected component: the WebP decoder in x/image/webp. Root cause: mismatch between VP8 chunk dimensions and the canvas size triggers a panic (crash...
RLSA-2023:2851 Moderate: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...
freerdp security update
An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...
RockyLinux 8 : freerdp (RLSA-2023:2851)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2851 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line switch...
Astra Linux – Vulnerability in libde265
strukturag libde265 commit d9fea9d was discovered to contain a segmentation fault due to the component decodercontext::computeframedroptable...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. From version 3.2.0 up to versions 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder used signed 32-bit arithmetic to construct temporary per-component block...