Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

PT-2026-41775

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An off-by-one error in the meta encoder can lead to an out-of-bounds read of a single byte. An off-by-one error is a logic flaw where a loop or array index is...

SUSE CVE-2026-42586

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder RedisEncoder writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF \r\n characters. Since the...

DEBIAN-CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

CVE-2026-44636

CVE-2026-44636 affects libsixel (SIXEL encoder/decoder). A signed integer overflow in sixel_encode_highcolor’s allocation size calculation (widthheight) can cause a heap buffer overflow when encoding very large pixel buffers; callers may trigger allocation wrapping if width height > INT_MAX. T...

CLSA-2026-1778788198 Fix of 6 CVEs

SECURITY UPDATE: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - debian/patches/CVE-2026-7258.patch: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-7258 SECURITY UPDATE: fix stale SOAPGLOBAL refmap pointer with...

CLSA-2026-1778767103 Fix CVE(s): CVE-2026-25576, CVE-2026-28688, CVE-2026-28690

Security: - CVE-2026-25576: heap buffer over-read in raw pixel coders - CVE-2026-28688: use-after-free in MSL encoder - CVE-2026-28690: stack-based buffer overflow in MNG/JNG encoder...

Linux Distros Unpatched Vulnerability : CVE-2026-42586

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder RedisEncoder writes...

CVE-2026-42586

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder RedisEncoder writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF \r\n characters. Since the...

DEBIAN-CVE-2026-42579

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit t...

CVE-2026-42586

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder RedisEncoder writes user-controlled string content directly to the network output buffer without validating or sanitizing CRLF \r\n characters. Since the...