1118 matches found
Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP9, v8.5.8 BP2 vulnerabilities CVE-2025-54874 (vulnerable), CVE-2025-59375 (vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing
Summary Oracle Outside In Technology OIT v8.5.7 BP9, v8.5.8 BP2 January, 2025 vulnerabilities CVE-2025-54874 vulnerable, CVE-2025-59375 vulnerable in FileNet Content Manager FNCM Content Based Retrieval CBR content indexing Vulnerability Details CVEID:CVE-2025-54874 DESCRIPTION: OpenJPEG is an...
JLSEC-2026-546
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420torgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg...
PT-2026-47112
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...
gimp: GIMP: Remote Code Execution via malicious JP2 file parsing
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...
ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.
An incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options...
Out-of-bounds Write
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
PT-2026-41805
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incorrect check in the JP2 results in a heap buffer over-write of a single byte when certain options are specified. A heap buffer over-write occurs when data ...
DEBIAN-CVE-2026-43905
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...
Astra Linux - уязвимость в openjpeg2
A heap-based buffer overflow was detected in openjpeg, specifically at line 379:42 in color.c:420 when decompressing a specially crafted .j2k file. An attacker could exploit this vulnerability to execute arbitrary code with the permissions of the application compiled against openjpeg...
SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2026:1597-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1597-1 advisory. - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via...
CVE-2026-39886
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...
CVE-2026-39886
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...
[SECURITY] [DSA 6215-1] gimp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6215-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Out-of-bounds Write
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Out-of-bounds Write
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Out-of-bounds Write
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
DEBIAN-CVE-2026-40310
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 an...
CVE-2026-40310 ImageMagick: Heap out-of-bounds write in JP2 encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 an...
CVE-2026-4152
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...