Lucene search
K

65 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1013 Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

Impact If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error: python np.ones0, 231, 231 An example of a proof of concept: python import numpy as np import tensorflow as tf inputval =...

4.8CVSS5.9AI score0.0033EPSS
Exploits1References6
OSV
OSV
added 2026/06/18 1:7 p.m.11 views

GHSA-2R2C-CX56-8933 JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry

Summary The JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS Negotiate About Window Size option. An unauthenticated remote attacker can send a NAWS subnegotiation advertising a 65535×65535 terminal and repeatedly alternate...

7.5CVSS5.6AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in aom

Integer overflows in the libaom internal function imgallochelper can lead to heap buffer overflows. This function can be accessed through three methods: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows during the calculation of buffer sizes...

10CVSS7.2AI score0.01254EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libvpx

There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpximaget struct may become invali...

9.1CVSS7.3AI score0.00814EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.14 views

CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i 4 inside SwapRGBABytes causes the function to compute a large negative...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-41028

Name of the Vulnerable Software and Affected Versions OpenImageIO versions prior to 3.0.18.0 OpenImageIO versions prior to 3.1.13.0 Description A signed 32-bit integer overflow occurs in the loop index expression i 4 within the SwapRGBABytes function when processing kABGR DPX images with large...

10CVSS5.9AI score0.00371EPSS
Exploits4References15
Snyk
Snyk
added 2026/05/04 7:29 p.m.8 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the loadpnm process. An attacker can cause a heap buffer overflow by supplying a crafted PNM/PGM/PPM file with large dimension values that trigger an integer overflow during size computation, leading to...

6.9CVSS6AI score0.00142EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 6:16 p.m.22 views

CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS0.00142EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/04 5:51 p.m.34 views

CVE-2026-42144 CImg Library: Integer overflow in PNM size check bypasses memory guard (_load_pnm)

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS0.00142EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:51 p.m.5 views

CVE-2026-42144

CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the WHD size computation inside loadpnm that can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around...

6.1CVSS6.1AI score0.00142EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/22 9:8 p.m.31 views

CVE-2026-41314 pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS0.00226EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 11:30 p.m.7 views

JLSEC-2026-122

Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: - Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and...

10CVSS7.5AI score0.01254EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/04/16 11:27 p.m.8 views

SUSE CVE-2026-40918

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References3
NVD
NVD
added 2026/04/15 8:16 p.m.7 views

CVE-2026-40918

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...

5.5CVSS0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/04/15 6:59 p.m.28 views

CVE-2026-40918

CVE-2026-40918 (GIMP) : A flaw in the GIMP PVR image loader can cause a denial of service when processing specially crafted, large-dimension PVR files. Root cause: a stack-based buffer overflow and an out-of-bounds read during loading, leading to application crash. Affected: systems that process ...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.8 views

PT-2026-33129

A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service DoS. This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted P...

5.5CVSS6.1AI score0.00196EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.7 views

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...

9.8CVSS6AI score0.00598EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.20 views

PT-2026-25842

DiceBear is an avatar library for designers and developers. Prior to version 9.4.0, the ensureSize function in @dicebear/converter read the width and height attributes from the input SVG to determine the output canvas size for rasterization PNG, JPEG, WebP, AVIF. An attacker who can supply a...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References8
OSV
OSV
added 2026/02/24 3:31 p.m.3 views

GHSA-VHQJ-F5CJ-9X8H ImageMagick has heap-buffer-overflow via signed integer overflow in WriteUHDRImage when writing UHDR images with large dimensions

WriteUHDRImage in coders/uhdr.c uses int arithmetic to compute the pixel buffer size. When image dimensions are large, the multiplication overflows 32-bit int, causing an undersized heap allocation followed by an out-of-bounds write. This can crash the process or potentially lead to an out of...

8.2CVSS5.7AI score0.0042EPSS
Exploits0References5
Snyk
Snyk
added 2026/02/24 12:53 a.m.7 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.2CVSS6.2AI score0.0042EPSS
Exploits0References2
Rows per page
Query Builder