Lucene search
+L

100 matches found

redhatcve
redhatcve
added yesterday5 views

CVE-2026-54058

A flaw was found in Pillow prior to 12.3.0. When an uncompressed McIdas AREA image is loaded from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width. Pixel access such as Image.tobytes, getpixel, convert, or save ca...

9.1CVSS6AI score0.00384EPSS
Exploits0References7
cvelist
cvelist
added 2026/07/06 6:50 p.m.34 views

CVE-2026-55380 Pillow GdImageFile decompression bomb protection bypass

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS0.00361EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.13 views

PT-2026-53016

Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description An arbitrary file write exists in the Incus client that can lead to arbitrary command execution as root on the server. The issue occurs when the client processes a request with source.type=url...

9.9CVSS6.2AI score
Exploits0References7
nvd
nvd
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.5CVSS0.00112EPSS
Exploits0References2
osv
osv
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53206 accel/ivpu: Add bounds check for firmware runtime memory

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References5
osv
osv
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53195 USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

7.8CVSS6AI score0.00153EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.14 views

PT-2026-52302

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the firmware runtime memory specified in the image header is not properly validated. The lack of bounds checks for alignment and size ca...

5.5CVSS6AI score0.00112EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52291

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap overflow exists in the build i2c fw hdr function. The function allocates a fixed-size buffer but copies a number of bytes determined by the Length variable from the firmware file...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References22
osv
osv
added 2026/05/26 1:30 p.m.3 views

GHSA-37J2-3VV8-CF24 Mattermost doesn't validate the TIFF IFD offset in the image header before allocating memory

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References4
nvd
nvd
added 2026/05/22 11:16 a.m.12 views

CVE-2026-5755

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS0.00245EPSS
Exploits0References1
euvd
euvd
added 2026/05/22 10:18 a.m.14 views

EUVD-2026-31427

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/24 2:31 a.m.3 views

CVE-2026-41309

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS5.7AI score0.00369EPSS
Exploits0References4Affected Software1
alpinelinux
alpinelinux
added 2026/04/06 3:19 p.m.5 views

CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS6AI score0.00262EPSS
Exploits1
cnnvd
cnnvd
added 2026/03/31 12:0 a.m.10 views

stb 资源管理错误漏洞

STB is a public domain library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained a resource management vulnerability, which stemmed from incorrect operations on the stbiloadgifmain function in the stbimage.h file. This vulnerability could lead to double deallocation of...

5.3CVSS6AI score0.00113EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/02/21 5:36 a.m.6 views

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.6AI score0.005EPSS
Exploits1References8Affected Software1
osv
osv
added 2026/02/20 11:15 p.m.6 views

CVE-2018-25158

Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute...

8.8CVSS6.1AI score0.00376EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/02/18 12:0 a.m.7 views

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

8.2CVSS5.5AI score0.00341EPSS
Exploits0References3Affected Software1
osv
osv
added 2025/12/10 10:16 p.m.5 views

UBUNTU-CVE-2025-66628

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parser contains a critical integer overflow vulnerability in its ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file...

7.5CVSS6AI score0.00456EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/10/10 12:0 a.m.14 views

PT-2025-41514

Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write exists in the parsing header for JPEG decoding. This issue can lead to memory corruption for local attackers. The vulnerable component is libpadm.so...

4CVSS6.6AI score0.00118EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-19432

Malware in sbrugna...

6.1CVSS6.3AI score0.00664EPSS
Exploits1References2
Rows per page
Query Builder