Lucene search
+L

938 matches found

redhatcve
redhatcve
added 10 hours ago7 views

CVE-2026-59198

A flaw was found in Pillow, a Python imaging library. When saving a mode 1 image with TGA RLE compression, the TGA RLE encoder reads beyond its allocated memory buffer. This out-of-bounds read allows adjacent process heap memory to be copied into the generated TGA file, potentially leading to...

7.5CVSS6AI score0.00313EPSS
Exploits1References7
ptsecurity
ptsecurity
added 6 days ago10 views

PT-2026-57295

Name of the Vulnerable Software and Affected Versions FreeRDP versions 3.21.0 through 3.27.0 Description FreeRDP clients using the GFX pipeline contain an incomplete fix in the planar decompress plane rle only function within libfreerdp/codec/planar.c. This allows a malicious RDP server to send a...

9.8CVSS6.1AI score0.00698EPSS
Exploits3References13
osv
osv
added 2026/07/07 9:16 a.m.2 views

DEBIAN-CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References1
osv
osv
added 2026/07/07 7:44 a.m.4 views

CVE-2026-58384 Gimp: gimp: integer overflow in read_rle_channel()

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.3CVSS6.2AI score0.00219EPSS
Exploits1References7
cve
cve
added 2026/07/07 7:44 a.m.22 views

CVE-2026-58384

The CVE concerns GIMP’s PSD parser. An integer overflow in read_RLE_channel() triggers an undersized heap allocation for the RLE row-length table, after which per-row writes corrupt heap memory. This can lead to memory corruption with potential denial of service or arbitrary code execution. Docum...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References5Affected Software2
alpinelinux
alpinelinux
added 2026/07/07 7:44 a.m.6 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/07/07 7:44 a.m.5 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References6
nvd
nvd
added 2026/07/06 1:16 p.m.8 views

CVE-2026-13705

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS0.00136EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/06 12:3 p.m.38 views

CVE-2026-13705 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

0.00136EPSS
Exploits0References2
osv
osv
added 2026/07/06 12:3 p.m.2 views

CVE-2026-13705 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS6AI score0.00136EPSS
Exploits0References7
debiancve
debiancve
added 2026/07/06 12:3 p.m.6 views

CVE-2026-13705

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS6AI score0.00136EPSS
Exploits0
attackerkb
attackerkb
added 2026/07/06 12:3 p.m.6 views

CVE-2026-13705

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS6AI score0.00136EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.13 views

PT-2026-55931

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read rgb 16 rle. read rgb 16 rle guards each literal run with if count data left, but count is a pixel count while every 16-bit sample consumes two bytes. T...

7.1CVSS6AI score0.00136EPSS
Exploits0References5
susecve
susecve
added 2026/06/25 2:26 a.m.5 views

SUSE CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS6AI score0.00591EPSS
Exploits1References14
susecve
susecve
added 2026/06/23 2:19 a.m.5 views

SUSE CVE-2026-56367

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

4.8CVSS5.9AI score0.00236EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/21 1:26 p.m.38 views

CVE-2026-56367 ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

6.3CVSS0.00236EPSS
Exploits0References2
cve
cve
added 2026/06/21 1:26 p.m.70 views

CVE-2026-56367

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contain an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash. Affecte...

9.1CVSS5.9AI score0.00236EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/21 1:26 p.m.3 views

CVE-2026-56367 ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

6.3CVSS6AI score0.00236EPSS
Exploits0References4
debiancve
debiancve
added 2026/06/21 1:26 p.m.6 views

CVE-2026-56367

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

9.1CVSS5.9AI score0.00236EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/21 1:26 p.m.6 views

CVE-2026-56367

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

6.3CVSS5.9AI score0.00236EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder