CVE-2026-45031

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, due to a missing check in the PSD decoder it would be possible to bypass the list-length resource policy when decoding a PSD image. Other security limits would...

SUSE CVE-2026-26246

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing PSD image files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted PSD file. Mattermost Advisory I...

Ubuntu 25.10 : Pillow vulnerability (USN-8047-1)

The remote Ubuntu 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8047-1 advisory. Yarden Porat discovered that Pillow incorrectly handled certain malformed PSD images. An attacker could use this issue to cause Pillow to crash, resulting in a denial...

USN-8047-1 pillow vulnerability

Yarden Porat discovered that Pillow incorrectly handled certain malformed PSD images. An attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code...

BIT-PILLOW-2026-25990 Pillow has an out-of-bounds write when loading PSD images

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

CVE-2026-25990 Pillow has an out-of-bounds write when loading PSD images

Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...

Pillow affected by out-of-bounds write when loading PSD images

Impact An out-of-bounds write may be triggered when loading a specially crafted PSD image. Pillow = 10.3.0 users are affected. Patches Pillow 12.1.1 will be released shortly with a fix for this. Workarounds Image.open has a formats parameter that can be used to prevent PSD images from being opene...

Pillow 缓冲区错误漏洞

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 10.3.0 to 12.1.1 contained a buffer error vulnerability. This vulnerability occurred when loading specially crafted PSD images, potentially leading to out-of-bounds write operations...

EUVD-2010-1536

Malware in sbrugna...

EUVD-2022-43932

Malicious code in bioql PyPI...

SUSE CVE-2018-19107

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...

Heap overflow

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40660

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40660

CVE-2022-40660 affects Nikon NIS-Elements Viewer 1.2100.1483.0. The vulnerability arises in the PSD image parsing code, where lack of validation of the length of user-supplied data enables a heap-based buffer overflow. An attacker who can entice a user to visit a malicious page or open a maliciou...

SUSE: Security Advisory (SUSE-SU-2014:0359-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory Corruption Vulnerability in Photo Lab Processing of psd Images

Photo Lab is a foreign photo viewing tool. A memory corruption vulnerability exists in Photo Lab's handling of psd images. An attacker can cause the program to crash by constructing a malformed psd image, which if successfully exploited can lead to arbitrary code execution...

PYSEC-2018-141

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...

Exiv2 integer overflow vulnerability (CNVD-2019-07086)

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An integer overflow vulnerability in Exiv2::IptcParser::decode in iptc.cpp in Exiv2 0.26 can be exploited by an attacker to cause a denial of service via specially crafted PSD image files...

Amazon Linux: Security Advisory (ALAS-2014-336)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2014-420)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...