CVE-2025-43215
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory...
CVE-2025-43226
CVE-2025-43226: An out-of-bounds read fixed by improved input validation. Affected: watchOS 11.6; iOS 18.6 and iPadOS 18.6; iPadOS 17.7.9; tvOS 18.6; macOS Sequoia 15.6; macOS Sonoma 14.7.7; visionOS 2.6. Issue arises while processing a malicious image and may disclose process memory. Remediation...
CVE-2025-43215
CVE-2025-43215 affects macOS Sequoia; the issue involves processing of malicious images that could disclose process memory. It is fixed in macOS Sequoia 15.6 via improved checks. Practical impact is memory disclosure when handling crafted images. Remediation: update to macOS Sequoia 15.6 or later...
Invisible Injections: Exploiting Vision-Language Models through Steganographic Prompt Embedding
Vision-language models (VLMs) have revolutionized multimodal AI applications but introduce novel security vulnerabilities that remain largely unexplored. We present the first comprehensive study of steganographic prompt injection attacks against VLMs, where malicious instructions are invisibly...
CVE-2025-54418
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (`imagick` as the image library) and either allow file uploads with user-controlled filenames and process...
PT-2025-31111 · Unknown · Imagemagick +1
Name of the Vulnerable Software and Affected Versions: CodeIgniter versions prior to 4.6.2. Description: CodeIgniter is a PHP full-stack web framework susceptible to a command injection issue. The vulnerability impacts applications utilizing the ImageMagick handler (`imagick`) for image processing and...
Infinite loop
Overview: Magick.NET-Q16-HDRI-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Infinite loop
Overview: Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Infinite loop
Overview: Magick.NET-Q16-OpenMP-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Infinite loop
Overview: Magick.NET-Q8-OpenMP-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
CVE-2025-53101 ImageMagick has Stack Buffer Overflow in image.c
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to...
Rainbow Artifacts from Electromagnetic Signal Injection Attacks on Image Sensors
Image sensors are integral to a wide range of safety- and security-critical systems, including surveillance infrastructure, autonomous vehicles, and industrial automation. These systems rely on the integrity of visual data to make decisions. In this work, we investigate a novel class of...
CVE-2025-7345
A flaw exists in gdk-pixbuf within the `gdk_pixbuf__jpeg_image_load_increment` function (`io-jpeg.c`) and in glib's `g_base64_encode_step` (`glib/gbase64.c`). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
PT-2025-28458 · Gnome +6 · Glib +7
Name of the Vulnerable Software and Affected Versions: gdk-pixbuf (affected versions not specified), glib (affected versions not specified). Description: A flaw exists in gdk-pixbuf and glib, specifically in the `gdk_pixbuf__jpeg_image_load_increment` function and `g_base64_encode_step`, respectively. When...
[SECURITY] Fedora 41 Update: darktable-5.2.0-1.fc41
darktable manages your camera raw files and images in a database, lets you view them through lighttable mode and develop/enhance them in darkroom mode...
Pillow vulnerability can cause write buffer overflow on BCn encoding
There is a heap buffer overflow when writing a sufficiently large (64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. Unclear how large the potential...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing (bsc1241659). CVE-2025-46393: mishandling of packet_size and rendering of channels in arbitrary order in multispectral MIF...
SUSE-SU-2025:02188-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing (bsc1241659). - CVE-2025-46393: mishandling of packet_size and rendering of channels in arbitrary order in multispectral...