SUSE CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the CompositeDeepScanLine::readPixels function. An attacker can cause memory corruption or potentially execute arbitrary code by providing a specially crafted multipart deep EXR file with large sample...

CVE-2026-27168 SAIL: Heap-based Buffer Overflow in Sail-codecs-xwd

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytesperline value. The value os read directly from the file as the read size in...

Malicious PixelCode Delivery Technique

Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and storing them inside images or videos. A lightweight loader retrieves the media file, reconstructs the original binary, and executes it in memory. This project...

CVE-2026-23883

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, xfPointerNew frees cursorPixels on failure, then pointerfree calls xfPointerFree and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after free, causing a crash DoS and...

PT-2026-3466

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw where the xf Pointer New function incorrectly frees memory associated with cursorPixels both on failure and during norm...

CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

EUVD-2025-205887

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

UBUNTU-CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

CVE-2025-59820

CVE-2025-59820 affects KDE Krita prior to 5.2.13, where loading a manipulated TGA file can trigger a heap-based buffer overflow in KisTgaImport (plugins/impex/tga/kis_tga_import.cpp). Debian/Alpine advisories confirm this can lead to potential arbitrary code execution; fixed packages are provided...

EUVD-2025-199710

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

Google Chrome < 4.1.0.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.1.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

OSV-2025-865 Heap-buffer-overflow in generic_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=456158449 Crash type: Heap-buffer-overflow READ 4 Crash state: genericunpack Imf34::ScanLineInputFile::Data::readPixels Imf34::InputFile::readPixels...

OSV-2025-855 Use-of-uninitialized-value in AlphaReplace_SSE2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=454314139 Crash type: Use-of-uninitialized-value Crash state: AlphaReplaceSSE2 WebPReplaceTransparentPixels WebPEncode...

K000156719: Multiple ImageMagick vulnerabilities

Security Advisory Description CVE-2018-16323 ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that...

imagemagick: heap-buffer overflow read in MNG magnification with alpha

Vulnerability Details When performing image magnification in ReadOneMNGIMage in coders/png.c, there is an issue around the handling of images with separate alpha channels. When loading an image with a color type that implies a separate alpha channel ie. jngcolortype = 12, we will load the alpha...

Malicious code in web-pixels-extension (npm)

The package web-pixels-extension was found to contain malicious code...

MAL-2025-38973 Malicious code in web-pixels-extension (npm)

The package web-pixels-extension was found to contain malicious code...