CVE-2025-27598

CVE-2025-27598 affects SixLabors.ImageSharp, specifically the GIF decoder, where an out-of-bounds write can cause a crash and potential denial of service. The issue stems from improper handling in GIF decoding. Remediation is to upgrade ImageSharp to v3.1.7 or v2.1.10 (or higher). Multiple source...

CVE-2025-27598 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to...

CVE-2025-27598 Out-of-bounds Write in SixLabors ImageSharp

ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to...

Medium: python-pillow

Issue Overview: Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. CVE-2016-0740 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

ImageSharp 缓冲区错误漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API open-sourced by Six Labors. A buffer error vulnerability exists in ImageSharp versions prior to v3.1.7 and v2.1.10, which stems from an out-of-bounds write vulnerability in the gif decoder that could result in a cra...

Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bsc1234415. CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser bsc1234450. CVE-2024-47600: Fixed Out-of-bounds read in...

SUSE-SU-2025:20134-1 Security update for gstreamer-plugins-base

This update for gstreamer-plugins-base fixes the following issues: - CVE-2024-47538: Fixed stack-buffer overflow in vorbishandleidentificationpacket bsc1234415. - CVE-2024-47835: Fixed NULL-pointer dereference in LRC subtitle parser bsc1234450. - CVE-2024-47600: Fixed Out-of-bounds read in...

Linux Distros Unpatched Vulnerability : CVE-2022-38784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially...

Linux Distros Unpatched Vulnerability : CVE-2023-38633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem...

Linux Distros Unpatched Vulnerability : CVE-2023-29408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms o...

Linux Distros Unpatched Vulnerability : CVE-2022-41723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of...

PT-2025-9577 · Google · Android

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A denial of service issue occurs when decoding a JPEG, specifically in the dng lossless decoder::HuffDecode function, due to a null pointer exception htbl = nullptr related to Huffman tables...

SUSE CVE-2022-49223

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

DEBIAN-CVE-2022-49223

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

UBUNTU-CVE-2022-49223

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

CVE-2022-49223 cxl/port: Hold port reference until decoder release

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cxl/port not holding a port reference before decoder release, which could lead to post-release reuse...

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

SUSE CVE-2025-22921

FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c...

DEBIAN-CVE-2025-22921

FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c...