Lucene search
K

551 matches found

AlpineLinux
AlpineLinux
added 2026/05/22 8:59 p.m.21 views

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

8.1CVSS5.7AI score0.00302EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 8:59 p.m.8 views

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1CVSS5.8AI score0.00302EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/05/22 8:59 p.m.11 views

EUVD-2026-31501

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1CVSS5.8AI score0.00302EPSS
Exploits1References2
CVE
CVE
added 2026/05/22 8:59 p.m.87 views

CVE-2026-41071

CVE-2026-41071 affects libheif up to version 1.21.2. A crafted HEIF sequence file where the saiz box declares more samples than actually exist can trigger a heap‑buffer‑overflow (out‑of‑bounds read) in the SampleAuxInfoReader constructor when parsing via heif_context_read_from_file. The reader it...

8.1CVSS5.8AI score0.00302EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/22 8:59 p.m.12 views

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

8.1CVSS5.8AI score0.00302EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/22 8:49 p.m.22 views

CVE-2026-41069 libheif allows Out-of-bounds vector access leading to invalid dereference (DoS)

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS0.00253EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/22 8:49 p.m.10 views

CVE-2026-41069 libheif allows Out-of-bounds vector access leading to invalid dereference (DoS)

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/05/22 8:49 p.m.15 views

CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/22 8:49 p.m.10 views

EUVD-2026-31503

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 8:49 p.m.8 views

CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/05/22 8:49 p.m.68 views

CVE-2026-41069

Summary: CVE-2026-41069 affects libheif up to v1.21.2, where a malformed HEIF sequence can trigger an out-of-bounds read in core sequence parsing, leading to DoS. The issue occurs when stco.entry_count == 0 but saiz.sample_count > 0, causing the SampleAuxInfoReader loop to dereference an empty...

6.5CVSS5.8AI score0.00253EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/22 8:49 p.m.7 views

CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

6.5CVSS5.8AI score0.00253EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42834

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow out-of-bounds read occurs in the SampleAuxInfoReader constructor when parsing a crafted HEIF sequence file. The issue arises because the constructor iterates over the number o...

8.8CVSS5.8AI score0.00514EPSS
Exploits4References75
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.13 views

PT-2026-42833

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.21.3 Description An out-of-bounds read can occur in the core sequence parsing logic when processing a malformed HEIF sequence file, leading to a Denial of Service DoS. This happens when a file has stco.entry count s...

8.8CVSS5.8AI score0.00514EPSS
Exploits4References74
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

libheif 缓冲区错误漏洞

LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability arises from the fact that the number of samples declared in the saiz frame exceeds the...

8.1CVSS6AI score0.00302EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.57 views

Linux Distros Unpatched Vulnerability : CVE-2026-32741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When...

7.1CVSS6AI score0.00343EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-32882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in...

7.1CVSS6AI score0.00323EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2026-32739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in...

6.5CVSS6.2AI score0.0032EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-32738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the st...

6.5CVSS5.8AI score0.00301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.85 views

Linux Distros Unpatched Vulnerability : CVE-2026-32740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile...

8.8CVSS6AI score0.00514EPSS
Exploits1References2
Rows per page
Query Builder