
110 matches found

EUVD
added 6 days ago, 10 views

EUVD-2026-39772

A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code in the context of the current process by supplying a crafted JPEG 2000 (JP2) file...

CVSS: 6.5, AI score: 6.2, EPSS: 0.00465
Exploits: 0, References: 3

RedhatCVE
added 2026/06/24 1:41 a.m., 9 views

CVE-2025-71319

A flaw was found in image-size. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by supplying specially crafted JXL, HEIF, or JP2 image files that contain zero-sized boxes. The findBox function, responsible for image validation, enters an infinite loop when processing...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00625
Exploits: 1, References: 5

Positive Technologies
added 2026/06/22 12:0 a.m., 14 views

PT-2026-51382

Name of the Vulnerable Software and Affected Versions: FastStone Image Viewer versions prior to 8.3.0.1. Description: Heap-based buffer overflow flaws exist in the JP2 and PSD file parsers within the FSViewer.exe process. A malformed QCD (quantization default) marker (0xFF5C) in a crafted JPEG 2000 (JP2)...

CVSS: 6.5, AI score: 6.5, EPSS: 0.00465
Exploits: 0, References: 6

AlpineLinux
added 2026/06/18 8:31 p.m., 7 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K (High-Throughput JPEG 2000) decoder, htundoimpl in OpenEXRCore, is vulnerable to a heap-buffer-overflow READ. The htundoimp...

CVSS: 8.3, AI score: 5.9, EPSS: 0.00263
Exploits: 1, References: 5

RedhatCVE
added 2026/06/15 2:36 p.m., 7 views

CVE-2026-46559

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An incorrect check during JPEG 2000 (JP2) image processing, when certain options are specified, can lead to a heap buffer overwrite of a single byte. This vulnerability could allow a...

CVSS: 6.2, AI score: 5.2, EPSS: 0.00116
Exploits: 0, References: 4

RedHat Linux
added 2026/06/15 2:9 a.m., 6 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 (JPEG 2000) file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

CVSS: 7.8, AI score: 6.3, EPSS: 0.00744
Exploits: 0, References: 6

RedHat Linux
added 2026/06/15 2:6 a.m., 7 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 (JPEG 2000) file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

CVSS: 7.8, AI score: 8, EPSS: 0.00744
Exploits: 0, References: 6

SUSE CVE
added 2026/06/12 2:25 a.m., 7 views

SUSE CVE-2026-46559

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in a heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

CVSS: 4, AI score: 5.4, EPSS: 0.00116
Exploits: 0, References: 3

CVE
added 2026/06/09 7:57 p.m., 68 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00625
Exploits: 1, References: 7, Affected Software: 1

Snyk
added 2026/05/18 8:37 p.m., 8 views

Out-of-bounds Write

Overview: Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET build that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this...

CVSS: 6.2, AI score: 5.9, EPSS: 0.00116
Exploits: 0, References: 3

RedHat Linux
added 2026/05/12 11:49 p.m., 11 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 (JPEG 2000) file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

CVSS: 7.8, AI score: 7.7, EPSS: 0.00744
Exploits: 0, References: 6

SUSE Linux
added 2026/04/24 11:44 a.m., 4 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG...

CVSS: 8.7, AI score: 5.7, EPSS: 0.00566
Exploits: 0, References: 44

EUVD
added 2026/04/21 1:27 a.m., 3 views

EUVD-2026-24041

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K (High-Throughput JPEG 2000) decompression path. The htundoimp...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00302
Exploits: 1, References: 2

AlpineLinux
added 2026/04/21 1:27 a.m., 4 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K (High-Throughput JPEG 2000) decompression path. The htundoimp...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00302
Exploits: 1

Snyk
added 2026/04/14 6:51 p.m., 8 views

Out-of-bounds Write

Overview: Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET build that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00189
Exploits: 0, References: 3

Snyk
added 2026/04/14 6:51 p.m., 9 views

Out-of-bounds Write

Overview: Magick.NET-Q16-AnyCPU is a Magick.NET build that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this package are...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00189
Exploits: 0, References: 3

Snyk
added 2026/04/14 6:51 p.m., 6 views

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder when an invalid sampling index is specified. An attacker can cause a denial of service by providing a specially crafted input file. Remediation: A fix was pushed into the master branch but not yet...

CVSS: 6.8, AI score: 5.7, EPSS: 0.00189
Exploits: 0, References: 3

RedhatCVE
added 2026/04/13 10:27 p.m., 5 views

CVE-2026-40310

A flaw was found in ImageMagick. This vulnerability, a heap out-of-bounds write, occurs within the JPEG 2000 (JP2) encoder when processing an image with an invalid sampling index. A remote attacker could exploit this by providing a specially crafted image, which may lead to a denial of service (DoS) ...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00189
Exploits: 0, References: 7

Positive Technologies
added 2026/04/13 12:0 a.m., 3 views

PT-2026-32540

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-19; ImageMagick versions prior to 6.9.13-44. Description: A heap out-of-bounds write occurs in the JP2 encoder when a user specifies an invalid sampling index. A heap out-of-bounds write is a memory corruption...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00189
Exploits: 0, References: 124

NVD
added 2026/04/11 1:16 a.m., 3 views

CVE-2026-4152

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

CVSS: 7.8, EPSS: 0.00744
Exploits: 0, References: 11