Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added last week10 views

CVE-2026-45358

A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. A remote attacker could exploit an off-by-one error in the meta encoder to read a single byte outside of allocated memory. This out-of-bounds read could lead to the disclosure of sensitiv...

5.3CVSS5.7AI score0.0024EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 10:7 p.m.38 views

CVE-2026-53465

ImageMagick (affected prior to 7.1.2-25) contains a heap buffer overwrite in the SF3 encoder when encoding a multi-frame image. The issue, tracked as CVE-2026-53465, can impact availability (HIGH) with little-to-no confidentiality or integrity impact as per the provided metrics. The root cause is...

6.2CVSS5.6AI score0.00112EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/10 9:26 p.m.9 views

CVE-2026-45358

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47...

5.3CVSS5.3AI score0.0024EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/04/20 4:15 p.m.5 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in the morphology...

8.8CVSS6AI score0.00475EPSS
Exploits0References84
Snyk
Snyk
added 2026/04/14 11:32 p.m.6 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.3CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/13 7:54 p.m.7 views

UBUNTU-CVE-2026-29078

Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx-bufferused -= size with a stale size = 3 causes an integer underflow that wraps to SIZEMAX. Afterwards, memcpy is called with ...

8.2CVSS5.3AI score0.00269EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/13 5:18 p.m.5 views

EUVD-2026-12051

Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx-bufferused -= size with a stale size = 3 causes an integer underflow that wraps to SIZEMAX. Afterwards, memcpy is called with ...

8.2CVSS5.8AI score0.00269EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.3 views

libvpx security update

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodi...

5.4CVSS6.9AI score0.00493EPSS
Exploits0
Rows per page
Query Builder