Lucene search
K

5949 matches found

Vulnrichment
Vulnrichment
added 2026/06/18 8:31 p.m.3 views

CVE-2026-45696 OpenEXR HTJ2K decoder heap buffer over-read in ht_undo_impl() (DoS)

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS5.9AI score0.00263EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/06/18 8:31 p.m.9 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS5.9AI score0.00263EPSS
Exploits1References5
OSV
OSV
added 2026/06/18 6:4 p.m.4 views

MGASA-2026-0222 Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.5AI score0.00867EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/18 6:4 p.m.7 views

Updated gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, gstreamer1.0-plugins-good & gstreamer1.0-plugins-ugly packages fix security vulnerabilities

CVE-2026-2921, GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability CVE-2026-2923.GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability CVE-2026-3082, GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2026-308...

8.8CVSS7.6AI score0.00867EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 1:17 p.m.8 views

Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP9, v8.5.8 BP2 vulnerabilities CVE-2025-54874 (vulnerable), CVE-2025-59375 (vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing

Summary Oracle Outside In Technology OIT v8.5.7 BP9, v8.5.8 BP2 January, 2026 vulnerabilities CVE-2025-54874 vulnerable, CVE-2025-59375 vulnerable in FileNet Content Manager FNCM Content Based Retrieval CBR content indexing Vulnerability Details CVEID:CVE-2025-54874 DESCRIPTION: OpenJPEG is an...

9.8CVSS6.6AI score0.01279EPSS
Exploits2Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/18 1:53 a.m.6 views

SUSE CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/16 3:54 a.m.10 views

CVE-2026-5497

A flaw was found in vLLM. An attacker can exploit this vulnerability by sending a specially crafted API request containing an excessive number of base64-encoded JPEG frames within a data URL. This unbounded processing of frames in the VideoMediaIO.loadbase64 method leads to an Out-of-Memory OOM...

7.5CVSS6.7AI score0.00543EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/15 9:30 p.m.13 views

EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References4
NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS0.00301EPSS
Exploits0References6
OSV
OSV
added 2026/06/15 8:16 p.m.4 views

UBUNTU-CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/15 7:10 p.m.37 views

CVE-2026-52719 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds read via jpeg segment length validation in va decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS0.00301EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 7:10 p.m.5 views

CVE-2026-52719 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds read via jpeg segment length validation in va decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 7:10 p.m.23 views

CVE-2026-52719

GStreamer: out-of-bounds read in the VA JPEG decoder of gst-plugins-bad (CVE-2026-52719). The JPEG parser reads a segment length without validating against available data, enabling a remote attacker to craft a JPEG that, when opened by a user, may cause parsing to read beyond the input buffer, po...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/15 7:10 p.m.5 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/15 7:10 p.m.6 views

CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.3AI score0.00301EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.8 views

CVE-2026-46559

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An incorrect check during JPEG 2000 JP2 image processing, when certain options are specified, can lead to a heap buffer overwrite of a single byte. This vulnerability could allow a...

6.2CVSS5.2AI score0.00116EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.14 views

CVE-2025-71329

A flaw was found in image-size. A remote attacker can exploit this vulnerability by providing a specially crafted image buffer that contains a zero-valued size field within a recognized box-type. This malicious input can trigger an infinite loop in the JXL or HEIF image parsers, leading to a...

8.7CVSS5.6AI score0.0043EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:9 a.m.6 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS6.3AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.8 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.10 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
Rows per page
Query Builder