Lucene search

8 matches found

Debian CVE
added 2026/05/19 8:7 p.m. · 3 views

CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image (iovl) whose child image has a different bit depth for the alpha channel than for the color...

CVSS 7.1 · AI score 5.8 · EPSS 0.00047
Exploits: 0
OSV
added 2026/01/09 3:19 p.m. · 1 views

SUSE-SU-2026:0087-1 Security update for libheif

This update for libheif fixes the following issues: - CVE-2025-68431: Fixed heap buffer over-read in HeifPixelImage::overlay via crafted HEIF that exercises the overlay image item bsc1255735...

CVSS 7.1 · AI score 7.2 · EPSS 0.00043
Exploits: 1 · References: 3
RedhatCVE
added 2025/12/31 12:57 p.m. · 1 views

CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...

CVSS 6.5 · AI score 6.5 · EPSS 0.00043
Exploits: 1 · References: 2
OSV
added 2024/10/15 9:15 p.m. · 1 views

DEBIAN-CVE-2024-41311

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write...

CVSS 8.1 · AI score 7.9 · EPSS 0.00197
Exploits: 1 · References: 1
Positive Technologies
added 2024/10/15 12:0 a.m. · 2 views

PT-2024-7935 · Libheif +6

Name of the Vulnerable Software and Affected Versions: Libheif version 1.17.6
Description: The issue is related to the ImageOverlay::parse function in the libheif decoder and encoder for video and photo file formats. It involves an out-of-bounds read and write due to insufficient checks when...

CVSS 9.4 · AI score 8.6 · EPSS 0.00197
Exploits: 4 · References: 59
Patchstack
added 2023/07/18 12:0 a.m. · 4 views

WordPress Overlay Image Divi Module Plugin < 1.5 is vulnerable to Cross Site Scripting (XSS)

Software: Overlay Image Divi Module
Type: Plugin
Vulnerable versions: < 1.5
Fixed in: 1.5
OWASP Top 10: A3: Injection
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-33999
Patch priority: Medium
CVSS severity: Medium (7.1)
PSID: 3d904935a6e0
Credits: Rafie Muhammad Patchstack...

AI score 6.2
Exploits: 0 · References: 3 · Affected software: 1
Patchstack
added 2022/02/28 12:0 a.m. · 6 views

WordPress Overlay Image Divi Module plugin <= 1.3.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Overlay Image Divi Module plugin versions <= 1.3.1. Solution: Update the WordPress Overlay Image Divi Module plugin to the latest available version (at least 1.3.2)...

AI score 2.7
Exploits: 0 · References: 2 · Affected software: 1
Exploit DB
added 2011/11/03 12:0 a.m. · 14 views

Calibre E-Book Reader - Race Condition Privilege Escalation

!/bin/sh .70-Calibrer Assault Mount by Dan Rosenberg @djrbliss and zx2c4 Yesterday we learned how Calibre's ability to mount anything anywhere resulted in a local root. Today's exploit shows a race condition to subvert recent changes preventing symlinks and checking path prefixes. - djrbliss &...

AI score 7.4
Exploits: 0