Lucene search
K

704 matches found

Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-47108

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj t1 clbl decode processor in openjp2/t1.c because of lack of opj j2k update image dimensions validation...

5.8AI score
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in aom

Integer overflows in the libaom internal function imgallochelper can lead to heap buffer overflows. This function can be accessed through three methods: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows during the calculation of buffer sizes...

10CVSS7.2AI score0.01254EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in openjpeg2

OpenJPEG version 2.3.1 has a heap-based buffer overflow issue in the opjt1clbldecodeprocessor function in openjp2/t1.c, due to the lack of validation for the opjj2kupdateimagedimensions function...

7.5CVSS7.1AI score0.04932EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libvpx

There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpximaget struct may become invali...

9.1CVSS7.3AI score0.00814EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, a malicious server may trigger out-of-bound writes in a connected client. Connections that use GDI or SurfaceCommands to send graphics updates to the client may send...

8.8CVSS7.1AI score0.01553EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:29 p.m.9 views

freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. The gdisurfacebits function, which processes SURFACEBITSCOMMAND messages, does not properly validate image dimensions bmp.width and bmp.height provided by a malicious RDP server. This can lead to a heap buffer...

9.8CVSS6.3AI score0.00656EPSS
Exploits1References6
OSV
OSV
added 2026/05/18 8:36 p.m.14 views

GHSA-36WM-HPRC-MCF5 ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions

When reading multiple images with different dimensions an out of bounds heap write can occur...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.10 views

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.16 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the IPL decoder when processing multiple images with differing dimensions. An attacker can cause a denial of service by supplying specially crafted image files that trigger an out-of-bounds heap write. Remediation...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.15 views

PT-2026-41801

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An out of bounds heap write can occur when reading multiple images with different dimensions. A heap write is a memory corruption issue where data is written...

7.8CVSS5.9AI score0.00441EPSS
Exploits0References132
Snyk
Snyk
added 2026/05/14 9:21 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the jpeg2000input.cpp process when calculating buffer size using signed 32-bit arithmetic. An attacker can trigger a heap overflow by providing crafted image dimensions that cause integer overflow,...

7.8CVSS6AI score0.00173EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.14 views

CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i 4 inside SwapRGBABytes causes the function to compute a large negative...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-41028

Name of the Vulnerable Software and Affected Versions OpenImageIO versions prior to 3.0.18.0 OpenImageIO versions prior to 3.1.13.0 Description A signed 32-bit integer overflow occurs in the loop index expression i 4 within the SwapRGBABytes function when processing kABGR DPX images with large...

10CVSS5.9AI score0.00371EPSS
Exploits4References15
OSV
OSV
added 2026/05/13 1:42 a.m.10 views

JLSEC-2026-493 JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits...

4.3CVSS5.8AI score0.00413EPSS
Exploits0References7
OSV
OSV
added 2026/05/11 8:25 a.m.9 views

CLSA-2026-1778487942 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

5.5CVSS7.3AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 8:24 a.m.8 views

CLSA-2026-1778487863 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

5.5CVSS7.3AI score0.00181EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/04 7:29 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the loadpnm process. An attacker can cause a heap buffer overflow by supplying a crafted PNM/PGM/PPM file with large dimension values that trigger an integer overflow during size computation, leading to...

6.9CVSS6AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 6:16 p.m.21 views

CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS0.00142EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/04 5:51 p.m.34 views

CVE-2026-42144 CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS0.00142EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/04 5:51 p.m.6 views

EUVD-2026-27075

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References4
Rows per page
Query Builder