5954 matches found
libjxl 安全漏洞
libjxl is an open-source implementation of the JPEG XL image format. Version 0.12.0 of libjxl contains a security vulnerability, which stems from a heap buffer overflow caused by a specially crafted PBM image in the jxl::extras::DecodeImagePNM function...
CVE-2026-38426
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv10scripter.ino, fetchjpg, jpgtask.boundary40, strcpy function...
CVE-2026-46011
media: mtk-jpeg: fix use-after-free in release path due to uncancelled work...
PT-2026-43878
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the mtk jpeg release function. The function frees the context structure ctx without cancelling pending or running work in ctx-jpeg work. This creates a race...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtk-jpeg driver failing to cancel the work queue during the release process, potentially...
JLSEC-2026-537
A flaw was found in OpenJPEG’s encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...
JLSEC-2026-546
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420torgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg...
PT-2026-47112
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...
TencentOS Server 3: LibRaw (TSSA-2026:0352)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0352 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: gdk-pixbuf2 (TSSA-2026:0366)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0366 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: gdk-pixbuf2 (TSSA-2026:0321)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0321 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
gdk-pixbuf2 security update
2.36.12-3.0.3 - Backport fixes for CVE-2026-5201 Orabug: 39288631 2.36.12-3.0.1 - jpeg: Be more careful with chunked icc data Orabug: 38359772CVE-2025-7345...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Buffer size aligned upwards. The hardware can support any image size, WxH, with arbitrary values for W image width and H image height. The buffer size is aligned upwards for both the encoder and the decoder, whil...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the corresponding slot may not be acquired yet. This could be due to the default value being...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: This issue prevents the decoding of NV12M JPEG images into single-planar buffers. If an application queues a NV12M JPEG image as the output buffer, and then queues a single-planar capture buffer, the kernel may...
Astra Linux – Vulnerability in dcmtk
A vulnerability has been discovered in DCMTK 3.6.9. It has been classified as critical. This vulnerability affects unknown code within the dcmjpls JPEG-LS Decoder component. The vulnerability leads to memory corruption. The attack can be initiated remotely. The exploit has been made public and ma...
Astra Linux – Vulnerability in libjpeg-turbo
LibJPEG 9c has a major issue with a large loop, as the readPixel function in rdtarga.c improperly handles EOF situations...
Astra Linux – Vulnerability in openjpeg2
A heap-based buffer overflow was detected in openjpeg, specifically at line 379:42 in color.c:420 when decompressing a specially crafted .j2k file. An attacker could exploit this vulnerability to execute arbitrary code with the permissions of the application compiled against openjpeg...
Astra Linux – Vulnerability in gdk-pixbuf
There is a flaw in gdk-pixbuf, specifically within the gdkpixbufjpegimageloadincrement function io-jpeg.c, and in glib’s gbase64encodestep function glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing for out-of-bounds...
Astra Linux – Vulnerability in libimage-exiftool-perl
A vulnerability was detected in ExifTool version 13.53. The issue affects the Processmrld function in the lib/Image/ExifTool/GM.pm file, specifically in the JPEG/QuickTime/MOV/MP4 component. Manipulating the -ee argument leads to code injection. Local attacks are required to exploit this...