PT-2026-28384

Name of the Vulnerable Software and Affected Versions Tandoor Recipes versions prior to 2.6.0 Description The application is designed for managing recipes, planning meals, and creating shopping lists. Prior to version 2.6.0, the image processing pipeline does not remove EXIF metadata, rescale...

EUVD-2016-3022

Malware in sbrugna...

EUVD-2020-30734

Malware in sbrugna...

EUVD-2019-18058

Malware in sbrugna...

EUVD-2017-18141

Malware in sbrugna...

EUVD-2023-2732

Malicious code in bioql PyPI...

EUVD-2021-32113

Malicious code in bioql PyPI...

EUVD-2021-7202

Malicious code in bioql PyPI...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2025-972)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-972 advisory. In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. CVE-2025-43965 Tenable has extracted the preceding description block directly from the...

CVE-2023-42888

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory...

CVE-2021-29533

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...

CVE-2025-48175

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes...

Mageia: Security Advisory (MGASA-2025-0141)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2019:2529-1 Security update for libjpeg-turbo

This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. bsc1156402 This update was imported from the SUSE:SLE-15:Update update project...

CVE-2016-3620

The ZIPEncode function in tifzip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...