Lucene search
K

603 matches found

Github Security Blog
Github Security Blog
added 2026/06/25 9:54 p.m.7 views

ImageMagick has out-of-bounds write in ICON decoder due to incorrect loop

An incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References3Affected Software17
OSV
OSV
added 2026/06/25 5:17 p.m.3 views

DEBIAN-CVE-2026-56123

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.8CVSS6AI score0.00308EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53173

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

7.8CVSS0.00129EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53136

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

7.8CVSS0.00129EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52232

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds heap write can occur during driver probe due to missing validation of the HdmiRegNum and Hdmi6GRegNum fields within the VBIOS integrated info tables v1 11 and v2 1. Thes...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References21
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Tiff

A flaw was discovered in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations...

7.8CVSS7.2AI score0.00553EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out-of-bounds heap write within the WaveletDenoiseImage method. When processing a crafted image using the -wavelet-denoise...

5.5CVSS7.1AI score0.00106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a 32-bit unsigned integer overflow in the XWD X Windows encoder, which could lead to an undersized heap buffer allocation. When writing an extremely...

6.8CVSS6AI score0.00099EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 12:0 a.m.3 views

ALSA-2026:28923 Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

RockyLinux 8 : xorg-x11-server (RLSA-2026:26709)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26709 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

7.8CVSS6.2AI score0.00165EPSS
Exploits0References19
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

7.8CVSS7.6AI score0.00518EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 9:14 p.m.5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the htundoimpl function when decoding a specially crafted HTJ2K-compressed EXR file. An attacker can cause a heap out-of-bounds write by supplying a file with a large decode-channelsi.width value that...

7.1CVSS5.9AI score0.00199EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/17 6:6 p.m.12 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.3AI score0.00148EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/17 7:13 a.m.10 views

CVE-2026-53461

A flaw was found in ImageMagick. An incorrect loop in the ICON decoder can lead to an out-of-bounds heap write. This vulnerability allows a remote attacker to cause a denial of service DoS by providing a specially crafted image file, leading to a system crash. Mitigation Red Hat is not aware of a...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 12:0 a.m.3 views

ALSA-2026:26709 Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References20
Ubuntu
Ubuntu
added 2026/06/16 8:41 a.m.8 views

USN-8432-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to an out-of-bounds heap write. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-45700 In addition, this update fixes a regression...

9.8CVSS5.6AI score0.00462EPSS
Exploits1References1
OSV
OSV
added 2026/06/15 1:19 p.m.4 views

SUSE-SU-2026:2394-1 Security update for libcaca

This update for libcaca fixes the following issue - CVE-2026-42046: an integer overflow vulnerability in libcaca's canvas import functionality may allow an attacker to cause a controlled heap out-of-bounds write bsc1264984...

7.8CVSS5.3AI score0.00223EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 10:16 p.m.27 views

CVE-2026-6676

CVE-2026-6676 is a heap-based out-of-bounds write in Avira Antivirus engine when scanning a malformed POSIX tar archive. Affects Windows, macOS, and Linux engine builds prior to 8.3.27.12. It may enable local code execution or cause a denial-of-service of the antivirus engine process. The descrip...

7.8CVSS5.6AI score0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 12:25 p.m.12 views

OESA-2026-2643 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.2AI score0.00353EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.7 views

SUSE CVE-2026-46520

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23...

5.5CVSS5.2AI score0.00441EPSS
Exploits0References5
Rows per page
Query Builder