Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2025-27795: Fixed missing image dimension resource limits in JXL bsc1239044 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

GHSA-M5QC-5HW7-8VG7 image-size Denial of Service via Infinite Loop during Image Processing

Summary image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infine loop in findBox when processing certain images with a box with size 0. Details If the first bytes of the input does not match any bytes in...

image-size Denial of Service via Infinite Loop during Image Processing

Summary image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infine loop in findBox when processing certain images with a box with size 0. Details If the first bytes of the input does not match any bytes in...

PT-2025-14538 · Npm · Image-Size

Summary image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infine loop in findBox when processing certain images with a box with size 0. Details If the first bytes of the input does not match any bytes in...

PHPGurukul eLearning System 代码问题漏洞

PHPGurukul eLearning System is an eLearning system from PHPGurukul Inc. A code issue vulnerability exists in version 1.0 of the PHPGurukul eLearning System, which stems from an image processing component in the file /user/index.php that could lead to unlimited uploads...

Aim 资源管理错误漏洞

Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. Aim version 3.25.0 suffers from a resource management error vulnerability that stems from the tracking server's susceptibility to denial-of-service attacks, which may cause the server to be...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in the addImage, html, and addSvgAsImage methods. An attacker can occupy excessive CPU by supplying a malicious data-url. PoC js import jsPDF from "jpsdf" const doc = new jsPDF; const payload =...

CVE-2025-25301

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...

Linux Distros Unpatched Vulnerability : CVE-2017-9117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header matc...

Linux Distros Unpatched Vulnerability : CVE-2017-11449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial...

CVE-2025-25301 Rembg allows SSRF via /api/remove

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...

CVE-2025-25301

Summary: Rembg (Python) versions up to and including 2.0.57 are affected by an SSRF vulnerability in the /api/remove endpoint. The endpoint accepts a URL query parameter to fetch, process, and return an image, which can enable an attacker to request internal-network resources hosted by the rembg ...

Astra Linux - уязвимость в imagemagick

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service...

Unspecified Vulnerability in OpenImageIO

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO security vulnerability , the vulnerability stems from the component / imagebuf.cpp in the allocation of the size of the over-sized error , ...

OpenImageIO Buffer Overflow Vulnerability

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. OpenImageIO suffers from a buffer overflow vulnerability that stems from a boundary error in the component /OpenImageIO/fmath.h when processing untrust...

CVE-2020-13561

An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from the disclosure of information during the processing of firmware image information during core initialization...

CVE-2024-44142

The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2024-44142

The issue was addressed with improved bounds checks. This issue is fixed in GarageBand 10.4.12. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2025-24086

The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing an image may lead to a denial-of-service...