Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106 matches found

RedhatCVE
RedhatCVEadded 2 days ago5 views

CVE-2026-46559

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An incorrect check during JPEG 2000 JP2 image processing, when certain options are specified, can lead to a heap buffer overwrite of a single byte. This vulnerability could allow a...

6.2CVSS5.2AI score0.00155EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2 days ago5 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS6.3AI score0.00606EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2 days ago6 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00606EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 5 days ago4 views

SUSE CVE-2026-46559

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

4CVSS5.4AI score0.00155EPSS
Exploits0References3
CVE
CVEadded 2026/06/09 7:57 p.m.11 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

8.7CVSS5.8AI score0.0053EPSS
Exploits1References3Affected Software1
Snyk
Snykadded 2026/05/18 8:37 p.m.5 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.2CVSS5.9AI score0.00155EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2026/05/12 11:49 p.m.7 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS7.7AI score0.00606EPSS
Exploits0References6
SUSE Linux
SUSE Linuxadded 2026/04/24 11:44 a.m.2 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33901: Denial of Service due to heap buffer overflow in MVG...

8.7CVSS5.7AI score0.0051EPSS
Exploits0References44
EUVD
EUVDadded 2026/04/21 1:27 a.m.1 views

EUVD-2026-24041

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References2
AlpineLinux
AlpineLinuxadded 2026/04/21 1:27 a.m.2 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1
Snyk
Snykadded 2026/04/14 6:51 p.m.5 views

Out-of-bounds Write

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
Snyk
Snykadded 2026/04/14 6:51 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder when an invalid sampling index is specified. An attacker can cause a denial of service by providing a specially crafted input file. Remediation A fix was pushed into the master branch but not yet...

6.8CVSS5.7AI score0.00189EPSS
Exploits0References3
Snyk
Snykadded 2026/04/14 6:51 p.m.5 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/04/13 10:27 p.m.3 views

CVE-2026-40310

A flaw was found in ImageMagick. This vulnerability, a heap out-of-bounds write, occurs within the JPEG 2000 JP2 encoder when processing an image with an invalid sampling index. A remote attacker could exploit this by providing a specially crafted image, which may lead to a denial of service DoS ...

6.5CVSS5.8AI score0.00189EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.1 views

PT-2026-32540

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-19 ImageMagick versions prior to 6.9.13-44 Description A heap out-of-bounds write occurs in the JP2 encoder when a user specifies an invalid sampling index. A heap out-of-bounds write is a memory corruption...

7.5CVSS5.8AI score0.00465EPSS
Exploits0References76
NVD
NVDadded 2026/04/11 1:16 a.m.1 views

CVE-2026-4152

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00606EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/11 12:15 a.m.26 views

CVE-2026-4152 GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.00606EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/11 12:15 a.m.3 views

CVE-2026-4152

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00606EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/04/11 12:15 a.m.2 views

EUVD-2026-21633

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00606EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/01 8:51 p.m.4 views

CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4CVSS6.5AI score0.00463EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder