CVE-2026-39824 affecting package azurelinux-image-tools for versions less than 1.4.0-1

CVE-2026-39824 affecting package azurelinux-image-tools for versions less than 1.4.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-39821 affecting package azurelinux-image-tools for versions less than 1.3.0-2

CVE-2026-39821 affecting package azurelinux-image-tools for versions less than 1.3.0-2. A patched version of the package is available...

CVE-2026-39882 affecting package azurelinux-image-tools for versions less than 1.3.0-1

CVE-2026-39882 affecting package azurelinux-image-tools for versions less than 1.3.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-29181 affecting package azurelinux-image-tools for versions less than 1.3.0-1

CVE-2026-29181 affecting package azurelinux-image-tools for versions less than 1.3.0-1. An upgraded version of the package is available that resolves this issue...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.2 contained security vulnerabilities. These vulnerabilities stemmed from the image tools not adhering to the “tools.fs.workspaceOnly” restriction, which could allow attackers to...

CVE-2026-27141 affecting package azurelinux-image-tools for versions less than 1.2.0-2

CVE-2026-27141 affecting package azurelinux-image-tools for versions less than 1.2.0-2. A patched version of the package is available...

CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

AZL-78680 CVE-2026-27141 affecting package azurelinux-image-tools 1.2.0-1

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic...

CVE-2018-16980

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/imagetools/index.jsp fieldName and inode parameters...

Bug in Google Markup, Windows Photo-Cropping Tools Exposes Removed Image Data

Image-editing tools from Google and Microsoft contain the “aCropalypse” bug, which can reveal information users intentionally removed...

dotCMS cross-site scripting vulnerability (CNVD-2019-07129)

dotCMS is a content management system CMS from the United States dotCMS. The system supports RSS feeds , blogs , forums and other modules , and is easy to extend and build features . The 'fieldName' and 'inode' parameters in the /html/portlet/ext/contentlet/imagetools/index.jsp page in dotCMS...

Design/Logic Flaw

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/imagetools/index.jsp fieldName and inode parameters...

CVE-2018-16980

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/imagetools/index.jsp fieldName and inode parameters...

ALPINE-CVE-2018-16980

dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/imagetools/index.jsp fieldName and inode parameters...

pbm212030 buffer overflow vulnerability

pbm212030 is a set of portable bitmap format PBM image processing tools. A buffer overflow vulnerability exists in pbm212030. A remote attacker could use this vulnerability to cause a denial of service crash or execute arbitrary code with a specially crafted PBM image...