CVE-2026-12325

CVE-2026-12325 is a denial-of-service vulnerability in the Graphics: ImageLib component. Affected products include Mozilla Firefox and Thunderbird; root cause and impact are described as DoS in ImageLib. The vulnerability is fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbir...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

JLSEC-2026-286

A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system...

UBUNTU-CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

ALPINE-CVE-2025-64505

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

EUVD-2025-25249

Malicious code in bioql PyPI...

SUSE CVE-2014-9709

The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...

DEBIAN-CVE-2022-48281

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., "WRITE of size 307203" via a crafted TIFF image...

The vulnerability of the tif_unix.c component in the LibTIFF library allows a hacker to cause a service failure.

The vulnerability of the tifunix.c component in the LibTIFF library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

exiv2: DoS due to quadratic complexity in ProcessUTF8Portion

There's a flaw in the xmpsdk component shipped with exiv2. An attacker who is able to submit a crafted file to be processed by an application linked with the exiv2 library could cause an excessive consumption of resources, potentially leading to denial of service. The greatest impact of this flaw...

USN-4238-1 sdl-image1.2 vulnerabilities

It was discovered that SDLimage incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...

DEBIAN-CVE-2018-16336

Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file, a different vulnerability than CVE-2018-10999...

ALPINE-CVE-2017-14449

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability...

PYSEC-2017-136

A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...

Silicon Graphics LibTiff tiff2bw Denial of Service Vulnerability

Silicon Graphics LibTiff is a library for reading and writing TIFF files. A security vulnerability in the tifread.c file in Silicon Graphics LibTiff's tiff2bw tool allows remote attackers to construct malicious TIFF images that can be tricked into being parsed by the user, which can crash an...