Lucene search
K

5960 matches found

RedHat Linux
RedHat Linux
added 2026/06/15 2:9 a.m.9 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS6.3AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.11 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.13 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.25 views

Linux Distros Unpatched Vulnerability : CVE-2026-52719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the...

7.1CVSS6AI score0.00301EPSS
Exploits0References4
Debian
Debian
added 2026/06/12 6:50 p.m.15 views

[SECURITY] [DSA 6342-1] jpeg-xl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6342-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2026 https://www.debian.org/security/faq -...

7.3CVSS5.8AI score0.00367EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.8 views

SUSE CVE-2026-46559

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

3.3CVSS5.4AI score0.00116EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.8 views

Debian dsa-6342 : jpeg-xl-doc - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6342 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6342-1 [email protected] https://www.debian.org/security/ Moritz...

7.3CVSS6.1AI score0.00367EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/06/12 12:0 a.m.9 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports: Multiple security issues were identified and fixed in the GStreamer framework. GStreamer-SA-2026-0030: Missing bounds checks in RTCP SDES packet parsing GStreamer-SA-2026-0031: Integer overflow and truncation in MXF demuxer GStreamer-SA-2026-0032: Out-of-bounds read...

8.8CVSS5.9AI score0.0053EPSS
Exploits0References17
Snyk
Snyk
added 2026/06/11 8:31 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the VideoMediaIO.loadbase64 function. An attacker can cause the server to exhaust memory...

8.7CVSS7.1AI score0.00543EPSS
Exploits1References2
CVE
CVE
added 2026/06/11 8:31 a.m.70 views

CVE-2026-5497

CVE-2026-5497 affects vLLM 0.8.0 and later, where VideoMediaIO.load_base64() can perform unbounded frame processing for video/jpeg data URLs, leading to an Out-of-Memory DoS. An attacker can craft a single API request with thousands of comma-separated base64 JPEG frames, causing the server to dec...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/06/10 9:45 p.m.37 views

CVE-2026-46559 ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options. This issue has been patched in versions...

4CVSS0.00116EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 6.9.13-48 and 7.1.2-23 contained security vulnerabilities. These vulnerabilities were caused by errors in...

4CVSS5.5AI score0.00116EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2287)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...

7.5CVSS7.5AI score0.01069EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2330)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...

7.5CVSS7.5AI score0.01069EPSS
Exploits1References2
NVD
NVD
added 2026/06/09 9:17 p.m.17 views

CVE-2025-71319

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0064EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/06/09 7:57 p.m.51 views

CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0064EPSS
Exploits1References3
CVE
CVE
added 2026/06/09 7:57 p.m.94 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

8.7CVSS5.8AI score0.0064EPSS
Exploits1References8Affected Software1
Ubuntu
Ubuntu
added 2026/06/09 4:27 p.m.20 views

USN-8156-2: GDK-PixBuf vulnerability

USN-8156-1 fixed a vulnerability in GDK-PixBuf. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to caus...

7.5CVSS7.6AI score0.01069EPSS
Exploits1
OSV
OSV
added 2026/06/09 4:27 p.m.10 views

USN-8156-2 gdk-pixbuf vulnerability

USN-8156-1 fixed a vulnerability in GDK-PixBuf. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to caus...

7.5CVSS7.6AI score0.01069EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.22 views

image-size 资源管理错误漏洞

image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size from 1.1.0 to 1.2.1 and from 2.0.0 to 2.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the findBox function, which had a denial-of-service vulnerability when processin...

8.7CVSS5.9AI score0.0064EPSS
Exploits1References3
Rows per page
Query Builder