CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

919 matches found

SUSE CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS6AI score0.00383EPSS

Exploits1References14

Cvelist•added 5 days ago•30 views

CVE-2026-56367 ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

6.3CVSS0.00189EPSS

Exploits0References2

CVE•added 5 days ago•59 views

CVE-2026-56367

ImageMagick is affected in versions prior to 7.1.2-15 and 6.9.x prior to 6.9.13-40, where an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) can cause a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file may lead to information discl...

6.3CVSS5.9AI score0.00189EPSS

Exploits0References2

ATTACKERKB•added 5 days ago•6 views

CVE-2026-56367

6.3CVSS5.9AI score0.00189EPSS

Exploits0References3Affected Software1

Debian CVE•added 5 days ago•5 views

CVE-2026-56367

6.3CVSS5.9AI score0.00189EPSS

Exploits0

Positive Technologies•added 5 days ago•15 views

PT-2026-51227

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description An integer overflow exists in the PSB PSD v2 RLE decoding path within the ReadPSDChannelRLE function located in coders/psd.c. On 32-bit builds, this fla...

6.3CVSS6.1AI score0.00189EPSS

Exploits0References6

AstraLinux•added last week•7 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to a Out-of-Bounds Read vulnerability in the nscrledecompressdata function. The Out-of-Bounds Read vulnerability occurs because the function processes...

7.5CVSS7.1AI score0.01332EPSS

Exploits1References2

Redos•added 2026/06/11 12:0 a.m.•5 views

ROS-20260611-73-0005

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure...

9.8CVSS6.4AI score0.00601EPSS

Exploits1

SUSE CVE•added 2026/06/02 1:38 a.m.•8 views

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

8CVSS5.9AI score0.00498EPSS

Exploits1References3

NVD•added 2026/05/29 8:16 p.m.•14 views

CVE-2026-45700

9.8CVSS0.00498EPSS

Exploits1References1

OSV•added 2026/05/29 8:16 p.m.•4 views

UBUNTU-CVE-2026-45700

9.8CVSS5.9AI score0.00498EPSS

Exploits1References5

ATTACKERKB•added 2026/05/29 7:44 p.m.•6 views

CVE-2026-45700

7.7CVSS5.9AI score0.00498EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/05/29 7:44 p.m.•33 views

CVE-2026-45700 Heap-buffer-overflow write in planar bitmap decoder

7.7CVSS0.00498EPSS

Exploits1References1

EUVD•added 2026/05/29 7:44 p.m.•14 views

EUVD-2026-33436

7.7CVSS5.9AI score0.00498EPSS

Exploits1References1

CVE•added 2026/05/29 7:44 p.m.•59 views

CVE-2026-45700

FreeRDP (prior to 3.26.0) has a heap-buffer-overflow in the planar bitmap decoder. The bug occurs in freerdp_bitmap_decompress_planar() validating X destination coordinate against nDstStep; an attacker can bypass the check with large nDstStep and nXDst, causing planar_decompress_plane_rle() to wr...

9.8CVSS5.9AI score0.00498EPSS

Exploits1References1Affected Software1

Debian CVE•added 2026/05/29 7:44 p.m.•12 views

CVE-2026-45700

9.8CVSS5.9AI score0.00498EPSS

Exploits1

Positive Technologies•added 2026/05/29 12:0 a.m.•13 views

PT-2026-44989

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.26.0 Description The planar bitmap decoder contains an out-of-bounds heap write when decoding RLE planar data. In the libfreerdp/codec/planar.c file, the freerdp bitmap decompress planar function validates the X...

9.8CVSS5.9AI score0.00498EPSS

Exploits1References40

SUSE CVE•added 2026/05/16 1:11 a.m.•6 views

SUSE CVE-2026-43903

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIODASSERT for bounds checking in the RLE decode loop. In release builds, OIIODASSERT compiles to voidsizeofx...

8.4CVSS6AI score0.00126EPSS

Exploits0References3

Tenable Nessus•added 2026/05/15 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...

8.4CVSS5.7AI score0.00126EPSS

Exploits0References3

Snyk•added 2026/05/14 9:23 p.m.•7 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the softimageinput.cpp process when handling RLE decoding. An attacker can cause a heap buffer overflow by submitting a crafted .pic file with a manipulated run length value that exceeds the scanline width...

8.4CVSS6AI score0.00173EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by