Lucene search
+L

2706 matches found

RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-61863

A flaw was found in ImageMagick. When processing a Tagged Image File Format TIFF image, a small memory leak can occur if the TIFF encoder is unable to create a temporary file. This can lead to a gradual consumption of system memory, potentially impacting the availability of the application...

7.5CVSS6AI score0.00102EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-44616

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service...

2.9CVSS6.1AI score0.00102EPSS
Exploits0References2
NVD
NVD
added 3 days ago3 views

CVE-2026-50381

Access of resource using incompatible type 'type confusion' in Composite Image File System Driver allows an authorized attacker to disclose information locally...

5.5CVSS0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago28 views

CVE-2026-50381 Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability

...

5.5CVSS0.00292EPSS
Exploits0References1
CVE
CVE
added 3 days ago14 views

CVE-2026-50381

The CVE-2026-50381 entry concerns the Windows Composite Image File System driver (cimfs.sys). A type confusion in this component can lead to local information disclosure by an authenticated user with low privileges (local access, no user interaction required). The CVSS 3.1 base score is 5.5 (Conf...

5.5CVSS6AI score0.00292EPSS
Exploits0References1Affected Software7
Vulnrichment
Vulnrichment
added 3 days ago3 views

CVE-2026-50381 Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability

...

5.5CVSS6.1AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-59198

Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...

7.5CVSS6.1AI score0.00313EPSS
Exploits1References1
OSV
OSV
added 2026/07/09 12:52 p.m.1 views

OESA-2026-2927 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

7.3CVSS6.6AI score0.00231EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 1:16 p.m.3 views

UBUNTU-CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/06 8:42 p.m.6 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the GdImageFile.open process. An attacker can cause excessive memory allocation by supplying a crafted .gd file that bypasses decompression bomb checks. Remediation Upgrade pillow to versio...

8.7CVSS6AI score0.00361EPSS
Exploits1References2
NVD
NVD
added 2026/07/06 7:17 p.m.6 views

CVE-2026-55380

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS0.00361EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:50 p.m.6 views

CVE-2026-55380

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/07/06 6:50 p.m.6 views

EUVD-2026-41901

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References3
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2834 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-55965

Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description In the Python imaging library, the GdImageFile. open function in PIL/GdImageFile.py reads image dimensions from the GD 2.x header and stores them in self. size without invoking Image. decompression...

7.5CVSS5.9AI score0.00361EPSS
Exploits1References39
EUVD
EUVD
added 2026/07/02 9:1 p.m.15 views

EUVD-2026-33432

golang.org/x/image/tiff has excessive resource consumption in PackBits decompression...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 2:13 p.m.4 views

PYSEC-2026-705 Out-of-bounds Write in OpenCV.

In OpenCV 3.3.1 corresponding with OpenCV-Python 3.3.1.11, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmtjpeg2000.cpp when parsing a crafted image file...

5.5CVSS6.2AI score0.01507EPSS
Exploits1References10
EUVD
EUVD
added 2026/06/29 4:31 p.m.9 views

EUVD-2026-40151

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-46602

The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...

7.5CVSS0.00339EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...

6.7CVSS6.4AI score0.00243EPSS
Exploits0References3
Rows per page
Query Builder