1080 matches found
CVE-2026-21368
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks...
CVE-2026-21368 Out-of-bounds Write in Camera Driver
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks...
PT-2026-55988
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when parsing jpeg commands. This is caused by unaccounted extra writes to the buffer during validation checks. Recommendations At the...
PT-2026-55578
Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...
CVE-2026-20244 ClamAV DMG File Processing Denial of Service Vulnerability
A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...
PT-2026-54709
Name of the Vulnerable Software and Affected Versions ClamAV affected versions not specified Description An issue exists in the DMG file format parser where improper boundary checks for content during scanning can lead to memory corruption. On 32-bit platforms, this specifically manifests as an...
CVE-2026-46604
The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...
DEBIAN-CVE-2026-46601
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
CVE-2026-46602
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption...
Astra Linux – Vulnerability in qtimageformats-opensource-src
When loading a specially crafted ICNS format image file in QImage, it will cause a crash. This issue affects Qt versions 6.3.0 through 6.5.9, 6.6.0 through 6.8.4, and 6.9.0. This issue has been fixed in versions 6.5.10, 6.8.5, and 6.9.1...
Astra Linux – Vulnerability in GIMP
A flaw was discovered in GIMP. There is an integer overflow vulnerability when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because the size calculation for image buffers can exceed the limit due to a 32-bit integer evaluation, allowing...
EUVD-2025-210287
Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...
CVE-2026-4367
LibXpm vulnerability CVE-2026-4367: a local user can trigger an out-of-bounds read in xpmNextWord() while parsing XPM images, potentially crashing the process and causing DoS. Concrete details across connected docs show the flaw resides in libXpm, with impact limited to availability (I) and no co...
PT-2026-49754
Name of the Vulnerable Software and Affected Versions DNG SDK versions prior to 1.7.1 2536 Description A Heap-based Buffer Overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially corrupting adjacent memory. This issue could result in arbitrar...
PT-2026-49335
Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description An out-of-bounds read occurs in the VA JPEG decoder within the gst-plugins-bad module. The JPEG parser reads a segment length value from the bitstream without validating it...
SUSE CVE-2026-46522
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...
CVE-2026-48734 ImageMagick: Stack Overflow in MVG decoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...
EUVD-2026-36171
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and...
Apache Answer 代码问题漏洞
Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer 2.0.0 and earlier had code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on the upload of dangerous types of files. Custom TIFF images might trigger...
CVE-2026-8454
Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...