Lucene search
+L

84 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as...

9.8CVSS6.2AI score0.00394EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 1:16 p.m.9 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS0.00394EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/08 12:30 p.m.6 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6AI score0.00394EPSS
Exploits0
EUVD
EUVD
added 2026/07/08 12:30 p.m.8 views

EUVD-2026-42226

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

6AI score0.00394EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56397

Name of the Vulnerable Software and Affected Versions Imager versions prior to 1.033 Description Imager for Perl incorrectly treats unsigned EXIF IFD Image File Directory entry counts as signed. When processing large entry count values, the software interprets them as negative numbers, which can...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.12 views

CVE-2026-5755

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 10:18 a.m.35 views

CVE-2026-5755

CVE-2026-5755 affects Mattermost releases 11.6.x up to 11.6.0, 11.5.x up to 11.5.2/11.5.3, 11.4.x up to 11.4.4, and 10.11.x up to 10.11.14. The issue arises from failure to validate the TIFF IFD offset in the image header before memory allocation, allowing authenticated users with file upload or ...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/19 5:44 p.m.26 views

CLSA-2026-1779212665 php: Fix of 14 CVEs

CVE-2018-5711: fix infinite loop in gdImageCreateFromGifCtx - CVE-2018-5712: remove file name from phar stub error output XSS - CVE-2018-10545: do not set PRSETDUMPABLE in php-fpm workers by default - CVE-2018-10546: fail iconvmimedecode on invalid multibyte sequences - CVE-2018-10547: escape...

7.5CVSS6.8AI score0.79949EPSS
Exploits7References1
OSV
OSV
added 2026/04/22 5:46 p.m.35 views

CLSA-2026-1776879963 php: Fix of 9 CVEs

CVE-2019-9020: fix heap out-of-bounds read in xmlrpcdecode - CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext - CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions - CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF - CVE-2019-11034: fix...

9.8CVSS6.9AI score0.10059EPSS
Exploits7References1
Packet Storm News
Packet Storm News
added 2026/04/22 12:0 a.m.8 views

DNG File Generator for Security Testing

This C++ program is a complex security research tool CVE-2026-27280 designed to manually construct a DNG Digital Negative image file with fully controlled internal structures TIFF/DNG headers, IFD tables, and metadata tags...

7.8CVSS5.7AI score0.00176EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/02/09 12:0 a.m.282 views

📄 Samsung Quram DNG Remote Code Execution

A vulnerability exists in Samsung's image decoding library libimagecodec.quram.so responsible for parsing Digital Negatives DNG. A malformed DNG containing oversized IFD entries can cause heap corruption. With precise heap grooming, this condition may lead to remote code execution when the...

9.8CVSS6.4AI score0.01435EPSS
Exploits3
OSV
OSV
added 2025/12/02 2:15 a.m.7 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

6.5CVSS5.9AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 2:15 a.m.12 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

6.5CVSS0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 1:24 a.m.3 views

CVE-2025-58477

Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...

4.3CVSS6.5AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-0284

Malware in sbrugna...

5.5CVSS6.9AI score0.02096EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-5530

Malware in sbrugna...

9.8CVSS8.5AI score0.12179EPSS
Exploits1References20
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-1808

Malware in sbrugna...

6.5CVSS6.7AI score0.02397EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-1045

Malware in sbrugna...

7.5CVSS6AI score0.04016EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-6323

Malware in sbrugna...

5CVSS6.1AI score0.01835EPSS
Exploits0References12
OSV
OSV
added 2025/09/02 11:15 p.m.2 views

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder