CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

OSV•added 2026/05/25 9:3 a.m.•3 views

OPENSUSE-SU-2026:20794-1 Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-41312: Fixed issue where crafed PDF can lead to resources exhaustion bsc1262675 - CVE-2026-41314: Fixed a denial of service via manipulated FlateDecode image dimensions can lead to RAM exhaustion...

6.9CVSS5.8AI score0.00052EPSS

Exploits0References6

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-38486

A read of pixels was coded as modifying coordinates to lie within the image bounds. It would calculate a coordinate by adding a constant to an input and taking the minimum of the resulting coordinate and 'dimension - 1'. This would not protect against malicious inputs that could overflow the...

6.9CVSS5.9AI score

Exploits0References3

Github Security Blog•added 2026/02/26 3:20 p.m.•5 views

psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps

Summary A security review of the psdtools.compression module conducted against the fix/invalid-rle-compression branch, commits 7490ffa–2a006f5 identified the following pre-existing issues. The two findings introduced and fixed by those commits Cython buffer overflow, IndexError on lone repeat...

9.1CVSS5.7AI score0.00076EPSS

Exploits1References5Affected Software1

CVE•added 2025/11/19 5:45 a.m.•10 views

CVE-2025-12359

CVE-2025-12359 : The WordPress plugin Responsive Lightbox & Gallery (versions up to 2.5.3) is affected by an authenticated SSRF in get_image_size_by_url due to insufficient validation of user-supplied URLs when determining image dimensions for gallery items. Exploitation requires Author+ privileg...

5.4CVSS5.3AI score0.00049EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-6240

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00079EPSS

Exploits0References1

Amazon•added 2025/09/29 12:0 a.m.•2 views

Medium: GraphicsMagick

Issue Overview: ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. CVE-2025-27795 ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. CVE-2025-27796...

9.8CVSS7.1AI score0.00148EPSS

Exploits1

Tenable Nessus•added 2025/09/10 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in phpBB v3.2.10 and v3.3.1 which allowed remote image dimensions check to be used to SSRF. CVE-2020-8226 Note that Nessus relies on the...

5.8CVSS5.9AI score0.00177EPSS

Exploits0References2

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2020-6851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenJPEG through 2.3.1 has a heap-based buffer overflow in opjt1clbldecodeprocessor in openjp2/t1.c because of lack of opjj2kupdateimagedimensions validation...

7.5CVSS7.2AI score0.04773EPSS

Exploits1References2

Mageia•added 2025/04/12 4:23 a.m.•31 views

Updated graphicsmagick packages fix security vulnerabilities

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits. CVE-2025-27795...

7.5CVSS6.9AI score0.00079EPSS

Exploits0References2

OSV•added 2025/04/03 11:54 a.m.•9 views

SUSE-SU-2025:1129-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: - CVE-2025-27795: Fixed missing image dimension resource limits in JXL bsc1239044...

7.5CVSS7.2AI score0.00079EPSS

Exploits0References3