Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016765 advisory. In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

8.8CVSS7.7AI score0.04034EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.2 views

Ubuntu 25.10 / 26.04 LTS : Pillow vulnerability (USN-8211-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8211-1 advisory. It was discovered that Pillow incorrectly handled certain FITS images. An attacker could possibly use this issue to cause Pillow to consume resources,...

8.7CVSS5.9AI score0.00671EPSS
Exploits0References2
OSV
OSV
added 2026/04/27 12:33 p.m.5 views

USN-8211-1 pillow vulnerability

It was discovered that Pillow incorrectly handled certain FITS images. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service...

8.7CVSS5.3AI score0.00671EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 5:49 a.m.5 views

OESA-2026-2066 python-pillow security update

Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging \ Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. of CVE-2022-22815,CVE-2022-22816 Security Fixes: Pillow is a Python imaging library. Versions 10.3.0...

8.7CVSS5.4AI score0.00671EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.5 views

openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20617-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20617-1 advisory. This update for python-Pillow fixes the following issue: - CVE-2026-40192: Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed da...

8.7CVSS5.6AI score0.00671EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/16 11:28 p.m.7 views

SUSE CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

7.5CVSS5.7AI score0.00671EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-40192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP- compressed data read when decoding a FITS image, making the...

8.7CVSS5.8AI score0.00671EPSS
Exploits0References2
NVD
NVD
added 2026/04/15 11:16 p.m.7 views

CVE-2026-40192

Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...

8.7CVSS0.00671EPSS
Exploits0References29
SUSE CVE
SUSE CVE
added 2023/02/15 4:32 a.m.2 views

SUSE CVE-2018-3848

In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

8.8CVSS9.1AI score0.03876EPSS
Exploits1References6
OSV
OSV
added 2018/04/16 4:29 p.m.1 views

DEBIAN-CVE-2018-3846

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

8.8CVSS9AI score0.03074EPSS
Exploits1References1
OSV
OSV
added 2018/04/16 4:29 p.m.2 views

UBUNTU-CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

8.8CVSS7.8AI score0.04034EPSS
Exploits1References3
Rows per page
Query Builder