Lucene search
+L

159 matches found

EUVD
EUVD
added 2026/07/09 9:34 a.m.7 views

EUVD-2026-42569

A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill path writes 32-bit pixel values into a buffer allocated for 16-bit...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54826

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description The MNG decoder contains a heap information disclosure issue where part of the pixels are left unchanged, potentially exposing data from the heap a regi...

9.2CVSS6.1AI score0.01849EPSS
Exploits5References125
EUVD
EUVD
added 2026/06/19 12:0 a.m.13 views

EUVD-2025-210287

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

6AI score0.00823EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/19 12:0 a.m.35 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

0.00823EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 12:0 a.m.11 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

6AI score0.00823EPSS
Exploits1References2
CVE
CVE
added 2026/06/19 12:0 a.m.19 views

CVE-2025-62821

CVE-2025-62821 affects Microsoft HEIF Image Extensions 1.2.22.0. The issue is an out-of-bounds read caused by CHEIFItemInfoEntry_GetDataSize returning success while reporting data size as 0, leading to a 1-byte allocation. Later, CopyPixels computes copy_size = stride * abs(roi_height) without va...

9.1CVSS6AI score0.00823EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/16 12:1 p.m.5 views

MINI-MV8P-575X-25PX

Bulletin has no description...

7.5CVSS4.8AI score0.00583EPSS
Exploits1
NVD
NVD
added 2026/05/29 8:16 p.m.15 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 6:36 p.m.12 views

EUVD-2026-33419

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.8AI score0.00384EPSS
Exploits0References4
Redos
Redos
added 2026/05/26 12:0 a.m.28 views

ROS-20260526-73-0018

A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...

7.6CVSS6.3AI score0.00585EPSS
Exploits0
Redos
Redos
added 2026/05/26 12:0 a.m.18 views

ROS-20260526-73-0020

A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...

7.6CVSS6.3AI score0.00585EPSS
Exploits0
Redos
Redos
added 2026/05/26 12:0 a.m.28 views

ROS-20260526-73-0019

A vulnerability in the libpng library is related to the failure to check for sufficient input pixels when processing the last partial portion in the ARM/AArch64 Neon optimized palette expansion path. Exploitation of the vulnerability could allow a remote attacker to disclose protected information...

7.6CVSS6.3AI score0.00585EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in libsdl1.2, libsdl2

In SDLGetRGB in the video/SDLpixels.c file, there is a heap-based buffer over-read issue in versions from 1.2.15 up to 2.x, and from 2.0.9 onwards...

8.1CVSS6.8AI score0.02879EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libsdl2, libsdl1.2

There is a heap overflow issue in the video/SDLpixels.c file in SDL Simple DirectMedia Layer versions 2.x to 2.0.18. By creating a malicious .BMP file, an attacker can cause the application using this library to crash, result in a denial of service, or lead to code execution...

8.8CVSS7AI score0.01986EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the ffhevcputhevcepelpixels8sse function in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a crafted video file...

6.5CVSS6.6AI score0.00825EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/30 3:26 p.m.5 views

openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An attacker can craft a malicious EXR file that, when processed, causes an integer overflow in the CompositeDeepScanLine::readPixels function. This overflow leads to an undersized buffer allocation, whic...

8.4CVSS6.7AI score0.00201EPSS
Exploits2References5
OSV
OSV
added 2026/04/21 4:6 p.m.4 views

CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS6AI score0.00242EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/20 3:5 a.m.8 views

openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An attacker can craft a malicious EXR file that, when processed, causes an integer overflow in the CompositeDeepScanLine::readPixels function. This overflow leads to an undersized buffer allocation, whic...

8.4CVSS6.5AI score0.00201EPSS
Exploits2References5
UbuntuCve
UbuntuCve
added 2026/04/14 10:16 p.m.5 views

CVE-2026-33018

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the loadgif function in fromgif.c, where a single sixelframet object is reused across all frames of an animated GIF and gifinitframe unconditionally...

7CVSS5.8AI score0.00191EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/14 9:57 p.m.8 views

EUVD-2026-22746

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS6AI score0.00247EPSS
Exploits1References2
Rows per page
Query Builder