Lucene search
+L

260 matches found

OSV
OSV
added 3 days ago3 views

DEBIAN-CVE-2026-54058

Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width, causing pixel access such as Image.tobytes, getpixel,...

8.3CVSS6.1AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-54058

Pillow is a Python imaging library. Prior to 12.3.0, when Pillow loads an uncompressed McIdas AREA image from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width, causing pixel access such as Image.tobytes, getpixel,...

8.3CVSS0.00384EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/07/01 3:35 a.m.6 views

SUSE CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 5:16 p.m.9 views

CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS0.00231EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 4:31 p.m.8 views

CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/29 4:31 p.m.10 views

CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 4:31 p.m.44 views

CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS0.00231EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.15 views

PT-2026-53316

Name of the Vulnerable Software and Affected Versions libtiff affected versions not specified Description A heap-based buffer overflow exists in the PixarLog decoder. A remote attacker can trigger this issue by providing a specially crafted PixarLog-compressed TIFF image. The flaw occurs during t...

7.3CVSS6.6AI score0.00231EPSS
Exploits0References39
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability in the DJVU image format handler. This vulnerability occurred due to integer truncation during the calculation o...

4.4CVSS6.7AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : libpng (EulerOS-SA-2026-2174)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

8.3CVSS5.8AI score0.00955EPSS
Exploits9References7
SUSE CVE
SUSE CVE
added 2026/06/02 1:38 a.m.10 views

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

8CVSS5.9AI score0.00502EPSS
Exploits1References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libraw

In LibRaw, there is a out-of-bounds read vulnerability within the “simpledecoderow” function libraw\src\x3f\x3futilspatched.cpp, which can be triggered by an image with a large rowstride field...

5.5CVSS6.1AI score0.00369EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxtre: Avoid undefined behavior in bnxtqpliballocinithwq. Undefined behavior occurs when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case, rounduppowoftwohwqattr-auxstride is...

4.4CVSS6.4AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.26 to 1.6.53, there was an integer truncation in the libpng simplified write API functions pngwriteimage16bit and pngwriteimage8bit, which caused...

7.8CVSS6.8AI score0.00114EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/19 9:16 p.m.16 views

CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/19 8:7 p.m.8 views

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 8:7 p.m.75 views

CVE-2026-32882

CVE-2026-32882 – libheif heap buffer OOB read : In libheif 1.21.2 and earlier, a flaw in HeifPixelImage::overlay() allows a heap buffer over-read during overlay compositing when the child image uses a different bit depth for alpha than color channels. Specifically, the code indexes the alpha plan...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/19 8:7 p.m.44 views

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS0.00323EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 8:7 p.m.1 views

CVE-2026-32882 libheif: Heap Buffer OOB Read in overlay compositing due to wrong alpha stride

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS6AI score0.00323EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.13 views

Threat Modelling Using Domain-Adapted Language Models: Empirical Evaluation and Insights

Large Language ModelsLLMs are increasingly explored for cybersecurity applications such as vulnerability detection. In the domain of threat modelling, prior work has primarily evaluated a number of general-purpose Large Language Models under limited prompting settings. In this study, we extend th...

5.8AI score
Exploits0
Rows per page
Query Builder