Lucene search
K

126 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago8 views

RHEL 7 : ImageMagick (RHSA-2026:32961)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32961 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixe...

9.2CVSS7.4AI score0.01849EPSS
Exploits4References20
EUVD
EUVD
added 2026/06/25 9:52 p.m.9 views

EUVD-2026-36184

ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 6:8 p.m.27 views

CVE-2026-53946 Ghost: Mobiledoc image-size fetch SSRF

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, when re-rendering posts, Ghost would refetch missing image dimensions by issuing an outbound HTTP request to the URL stored on an image card — without restricting that URL to trusted image hosts. An authenticated staff user...

5.4CVSS0.00122EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.11 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3373 (ALAS-2026-3373)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3373 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions...

7.5CVSS6.1AI score0.00346EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openjpeg2

OpenJPEG version 2.3.1 has a heap-based buffer overflow issue in the opjt1clbldecodeprocessor function in openjp2/t1.c, due to the lack of validation for the opjj2kupdateimagedimensions function...

7.5CVSS7.1AI score0.04932EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/10 11:12 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to insufficient validation in the DCM decoder. An attacker can cause the application to process images with invalid dimensions, potentially leading to application crashes or denia...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.5 views

Synthetic TIFF Corpus Generator for Parser Validation and Boundary Condition Testing

This Python script generates a small corpus of synthetic TIFF-like files designed for validating parser behavior across different image dimension scenarios...

5.5AI score
Exploits0
OSV
OSV
added 2026/05/26 7:31 p.m.13 views

JLSEC-2026-543

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opjt1clbldecodeprocessor in openjp2/t1.c because of lack of opjj2kupdateimagedimensions validation...

7.5CVSS7.1AI score0.04932EPSS
Exploits1References20
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-47108

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj t1 clbl decode processor in openjp2/t1.c because of lack of opj j2k update image dimensions validation...

5.8AI score
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in ffmpeg5

When decoding an OpenEXR file that uses DWAA or DWAB compression, there is an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy operation will loop at positions 0 and 1, continuing to write until a multiple of 8 i...

8.7CVSS6.6AI score0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.15 views

PT-2026-41801

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An out of bounds heap write can occur when reading multiple images with different dimensions. A heap write is a memory corruption issue where data is written...

7.8CVSS5.9AI score0.00441EPSS
Exploits0References132
Snyk
Snyk
added 2026/05/14 9:21 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the jpeg2000input.cpp process when calculating buffer size using signed 32-bit arithmetic. An attacker can trigger a heap overflow by providing crafted image dimensions that cause integer overflow,...

7.8CVSS6AI score0.00173EPSS
Exploits1References2
OSV
OSV
added 2026/05/13 1:42 a.m.8 views

JLSEC-2026-493 JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits...

4.3CVSS5.8AI score0.00413EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/04 5:51 p.m.5 views

EUVD-2026-27075

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.8 views

PT-2026-36892

Name of the Vulnerable Software and Affected Versions CImg Library versions prior to commit 4ca26bc Description An integer overflow exists in the load pnm function during the computation of WHD size. A specially crafted PNM, PGM, or PPM file containing large dimension values can cause the...

6.1CVSS6AI score0.00142EPSS
Exploits0References7
NVD
NVD
added 2026/04/24 3:16 a.m.6 views

CVE-2026-41309

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS0.00369EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:31 a.m.3 views

CVE-2026-41309

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS5.7AI score0.00369EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder