Lucene search
K

6484 matches found

Github Security Blog
Github Security Blog
added 2026/06/25 9:54 p.m.7 views

ImageMagick has out-of-bounds write in ICON decoder due to incorrect loop

An incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References3Affected Software17
Github Security Blog
Github Security Blog
added 2026/06/25 9:52 p.m.7 views

ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions

A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References4Affected Software17
OSV
OSV
added 2026/06/25 9:52 p.m.1 views

GHSA-8PJ9-6897-74XC ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions

A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operations...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:52 p.m.10 views

EUVD-2026-36184

ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:50 p.m.2 views

GHSA-4V89-6MGQ-6RGC ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems

A missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems...

5.9CVSS6AI score0.00227EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:50 p.m.11 views

EUVD-2026-36183

ImageMagick has a Heap Buffer Over-Write in MAT decoder on 32-bit systems...

5.9CVSS5.8AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 8:17 p.m.2 views

DEBIAN-CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS0.00339EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 7:47 p.m.25 views

CVE-2026-46601 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

0.00339EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 7:47 p.m.23 views

CVE-2026-46602 Lack of limit on tile sizes in x/image/tiff in golang.org/x/image

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

0.00339EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 7:47 p.m.5 views

EUVD-2026-39550

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

5.8AI score0.00339EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:47 p.m.5 views

CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

5.8AI score0.00339EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 7:47 p.m.19 views

CVE-2026-46602

The CVE-2026-46602 issue affects the TIFF decoder in golang.org/x/image: it does not enforce a limit on tile sizes in tiled TIFF images, which can lead to unbounded memory consumption when processing a malicious or corrupted image with a very large tile. This is stated across multiple sources in ...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 7:47 p.m.16 views

CVE-2026-46601

The CVE refers to a panic in the golang.org/x/image webp decoder when processing a VP8 chunk whose alpha channel size does not match the canvas size. Affected component: the WebP decoder in x/image/webp. Root cause: mismatch between VP8 chunk dimensions and the canvas size triggers a panic (crash...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 12:1 p.m.2 views

RLSA-2023:2851 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...

7.5CVSS6.2AI score0.00985EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2026/06/25 12:1 p.m.6 views

freerdp security update

An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...

7.5CVSS6.7AI score0.00985EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.4 views

RockyLinux 8 : freerdp (RLSA-2023:2851)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2851 advisory. freerdp: clients using /parallel command line switch might read uninitialized data CVE-2022-39282 freerdp: clients using the /video command line switch...

7.5CVSS6.8AI score0.00985EPSS
Exploits0References19
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libde265

strukturag libde265 commit d9fea9d was discovered to contain a segmentation fault due to the component decodercontext::computeframedroptable...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. From version 3.2.0 up to versions 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder used signed 32-bit arithmetic to construct temporary per-component block...

8.8CVSS5.7AI score0.00419EPSS
Exploits1References2
Rows per page
Query Builder