CVE-2026-31778 ALSA: caiaq: fix stack out-of-bounds read in init_card

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

EUVD-2026-10801

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, an off-by-one write in Envoy::JsonEscaper::escapeString can corrupt std::string null-termination, causing undefined behavior and potentially leading to crashes or out-of-bounds reads when the...

UTT HiPER 810G 安全漏洞

UTT HiPER 810G is a firewall router produced by UTT Corporation. Versions of UTT HiPER 810G prior to 1.7.7-171114 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations on the strcpy function in the file/goform/formConfigDnsFilterGlobal, which could lead to...

CVE-2026-21870

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

SUSE SLES16: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2025:21211-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. -...

openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...

OPENSUSE-SU-2025:20162-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

CVE-2025-14607

A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to...

CLSA-2025-1759782690 Fix CVE(s): CVE-2025-55298

SECURITY UPDATE: format string bug vulnerability in InterpretImageFilename function - debian/patches/CVE-2025-55298.patch: Fix PercentNInvalidOperation and IsValidFormatSpecifier to handle invalid arguments in InterpretImageFilename - CVE-2025-55298...

CLSA-2025-1758195721 ImageMagick: Fix of 4 CVEs

CVE-2025-55154: fix integer overflows in MNG magnification - CVE-2025-55212: fix division by zero in ThumbnailImage - CVE-2025-57803: fix 32-bit integer overflow when writing BMP scanline stride - CVE-2025-55298: fix format string bug leading to RCE or heap overflow...

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2025-1182)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1182 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...

SUSE SLES12: ImageMagick-config-6-SUSE / ImageMagick-config-6-upstream / etc (SUSE-SU-2025:03150-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03150-1 advisory. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. - CVE-2025-55154: Fixed integer overfl...

[SECURITY] [DLA 4297-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4297-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 10, 2025 https://wiki.debian.org/LTS -...

SUSE-SU-2025:03151-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. CVE-2025-55154: Fixed integer overflow when performing magnified size calculations in ReadOneMNGIMage bsc1248078. CVE-2025-55160: Fixed...

Linux Distros Unpatched Vulnerability : CVE-2024-6443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In utf8trunc in zephyr/lib/utils/utf8.c, lastbytep can point to one byte before the string pointer if the string is empty. CVE-2024-6443 Note that Nessus relies...

SUSE-SU-2025:03113-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

Linux Distros Unpatched Vulnerability : CVE-2025-55298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format...