Lucene search
K

5954 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

libjxl 安全漏洞

libjxl is an open-source implementation of the JPEG XL image format. Version 0.12.0 of libjxl contains a security vulnerability, which stems from a heap buffer overflow caused by a specially crafted PBM image in the jxl::extras::DecodeImagePNM function...

7.3CVSS6AI score0.00367EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.14 views

CVE-2026-38426

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv10scripter.ino, fetchjpg, jpgtask.boundary40, strcpy function...

6.2AI score0.00614EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-46011

media: mtk-jpeg: fix use-after-free in release path due to uncancelled work...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43878

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the mtk jpeg release function. The function frees the context structure ctx without cancelling pending or running work in ctx-jpeg work. This creates a race...

7.8CVSS5.8AI score0.00125EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtk-jpeg driver failing to cancel the work queue during the release process, potentially...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References5
OSV
OSV
added 2026/05/26 7:31 p.m.21 views

JLSEC-2026-537

A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

5.5CVSS6.2AI score0.0161EPSS
Exploits0References12
OSV
OSV
added 2026/05/26 7:31 p.m.15 views

JLSEC-2026-546

A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420torgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg...

7.8CVSS7.3AI score0.01536EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-47112

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...

7.5CVSS5.5AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

TencentOS Server 3: LibRaw (TSSA-2026:0352)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0352 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS6.4AI score0.00746EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

TencentOS Server 3: gdk-pixbuf2 (TSSA-2026:0366)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0366 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.2AI score0.01069EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.12 views

TencentOS Server 4: gdk-pixbuf2 (TSSA-2026:0321)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0321 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS6AI score0.01069EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2026/05/21 12:0 a.m.15 views

gdk-pixbuf2 security update

2.36.12-3.0.3 - Backport fixes for CVE-2026-5201 Orabug: 39288631 2.36.12-3.0.1 - jpeg: Be more careful with chunked icc data Orabug: 38359772CVE-2025-7345...

7.5CVSS7.1AI score0.01069EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Buffer size aligned upwards. The hardware can support any image size, WxH, with arbitrary values for W image width and H image height. The buffer size is aligned upwards for both the encoder and the decoder, whil...

7.1CVSS6AI score0.00207EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the corresponding slot may not be acquired yet. This could be due to the default value being...

7.1CVSS6.1AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: This issue prevents the decoding of NV12M JPEG images into single-planar buffers. If an application queues a NV12M JPEG image as the output buffer, and then queues a single-planar capture buffer, the kernel may...

5.5CVSS6.1AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in dcmtk

A vulnerability has been discovered in DCMTK 3.6.9. It has been classified as critical. This vulnerability affects unknown code within the dcmjpls JPEG-LS Decoder component. The vulnerability leads to memory corruption. The attack can be initiated remotely. The exploit has been made public and ma...

7.5CVSS6.3AI score0.00391EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libjpeg-turbo

LibJPEG 9c has a major issue with a large loop, as the readPixel function in rdtarga.c improperly handles EOF situations...

7.5CVSS6.3AI score0.03162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openjpeg2

A heap-based buffer overflow was detected in openjpeg, specifically at line 379:42 in color.c:420 when decompressing a specially crafted .j2k file. An attacker could exploit this vulnerability to execute arbitrary code with the permissions of the application compiled against openjpeg...

7.8CVSS7.6AI score0.01536EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in gdk-pixbuf

There is a flaw in gdk-pixbuf, specifically within the gdkpixbufjpegimageloadincrement function io-jpeg.c, and in glib’s gbase64encodestep function glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing for out-of-bounds...

7.5CVSS7.2AI score0.01051EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libimage-exiftool-perl

A vulnerability was detected in ExifTool version 13.53. The issue affects the Processmrld function in the lib/Image/ExifTool/GM.pm file, specifically in the JPEG/QuickTime/MOV/MP4 component. Manipulating the -ee argument leads to code injection. Local attacks are required to exploit this...

5.3CVSS6AI score0.0018EPSS
Exploits0References1
Rows per page
Query Builder