2706 matches found
CVE-2026-61863
A flaw was found in ImageMagick. When processing a Tagged Image File Format TIFF image, a small memory leak can occur if the TIFF encoder is unable to create a temporary file. This can lead to a gradual consumption of system memory, potentially impacting the availability of the application...
EUVD-2026-44616
ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service...
CVE-2026-50381
Access of resource using incompatible type 'type confusion' in Composite Image File System Driver allows an authorized attacker to disclose information locally...
CVE-2026-50381 Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability
...
CVE-2026-50381
The CVE-2026-50381 entry concerns the Windows Composite Image File System driver (cimfs.sys). A type confusion in this component can lead to local information disclosure by an authenticated user with low privileges (local access, no user interaction required). The CVSS 3.1 base score is 5.5 (Conf...
CVE-2026-50381 Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability
...
DEBIAN-CVE-2026-59198
Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...
OESA-2026-2927 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
UBUNTU-CVE-2026-14454
Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the GdImageFile.open process. An attacker can cause excessive memory allocation by supplying a crafted .gd file that bypasses decompression bomb checks. Remediation Upgrade pillow to versio...
CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
CVE-2026-55380
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
EUVD-2026-41901
Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...
OESA-2026-2834 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
PT-2026-55965
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 12.3.0 Description In the Python imaging library, the GdImageFile. open function in PIL/GdImageFile.py reads image dimensions from the GD 2.x header and stores them in self. size without invoking Image. decompression...
EUVD-2026-33432
golang.org/x/image/tiff has excessive resource consumption in PackBits decompression...
PYSEC-2026-705 Out-of-bounds Write in OpenCV.
In OpenCV 3.3.1 corresponding with OpenCV-Python 3.3.1.11, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmtjpeg2000.cpp when parsing a crafted image file...
EUVD-2026-40151
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...
CVE-2026-46602
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. A specially crafted JPEG file can cause the JPEG parser in grub2 to incorrectly check the boundaries of its internal buffers, leading to an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is still a concer...