CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

455 matches found

CLSA-2026-1780061802 Fix CVE(s): CVE-2026-42050

SECURITY UPDATE: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when right-clicking a tile to invoke the Load / Update menu item - debian/patches/CVE-2026-42050.patch: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when...

5.5CVSS6.1AI score0.00014EPSS

Exploits0References1

SUSE CVE•added 2026/05/27 4:17 a.m.•2 views

SUSE CVE-2023-29452

Currently, geomap configuration Administration - General - Geographical maps allows using HTML in the field “Attribution text” when selected “Other” Tile provider...

5.5CVSS6AI score0.01991EPSS

Exploits0References3

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3305 (ALAS-2026-3305)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3305 advisory. Stack buffer overflow in XTileImage CVE-2026-42050 Tenable has extracted the preceding description block directly from the...

5.5CVSS6AI score0.00014EPSS

Exploits0References4

Tenable Nessus•added 2026/05/22 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg (UTSA-2026-016638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016638 advisory. Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or...

8.8CVSS7.4AI score0.06225EPSS

Exploits0References4

Tenable Nessus•added 2026/05/22 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-32740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile...

8.8CVSS5.8AI score0.00015EPSS

Exploits1References3

SUSE CVE•added 2026/05/21 2:29 a.m.•7 views

SUSE CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

7.8CVSS5.8AI score0.00015EPSS

Exploits1References3

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в openexr

A flaw was discovered in the function dataWindowForTile of the IlmImf/ImfTiledMisc.cpp file. An attacker who can submit a crafted file for processing with OpenEXR could trigger an integer overflow, resulting in an out-of-bounds write operation on the heap. The most significant impact of this flaw...

6.1CVSS6.9AI score0.00132EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в zabbix

Currently, the geomap configuration Administration - General - Geographical maps allows the use of HTML in the “Attribution text” field when the “Other” Tile provider is selected...

5.5CVSS6AI score0.01991EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: Verisilicon: AV1 – Fix for the tile info buffer size. Each tile info consists of: rowsb, colsb, startpos, and endpos 4 bytes each. Therefore, the total memory required is AV1MAXTILES 16 bytes. Use the correct define to...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2026/05/19 11:19 p.m.•6 views

CVE-2026-32740

A flaw was found in libheif, a library for decoding and encoding HEIF and AVIF image files. This heap-buffer-overflow vulnerability allows a remote attacker to write arbitrary data beyond the intended memory boundary. By crafting a malicious HEIF/AVIF file with a specific grid tile configuration,...

8.8CVSS6.3AI score0.00015EPSS

Exploits1References5

RedhatCVE•added 2026/05/19 11:9 p.m.•6 views

CVE-2026-32814

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. When processing a specially crafted HEIF or AVIF image containing a corrupted grid tile, the library fails to properly initialize memory. This can lead to an information disclosure, where uninitialized heap memory,...

6.5CVSS5.8AI score0.00033EPSS

Exploits0References5

Snyk•added 2026/05/19 9:51 p.m.•4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...

8.8CVSS6.2AI score0.00015EPSS

Exploits1References2

Snyk•added 2026/05/19 9:51 p.m.•8 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the decoding process of grid-based HEIF or AVIF images when a corrupted tile fails to decode and the library returns a success status, resulting in uninitialized heap memory being exposed as pixel data. ...

7.1CVSS5.8AI score0.00033EPSS

Exploits0References2

OSV•added 2026/05/19 8:16 p.m.•2 views

DEBIAN-CVE-2026-32740

8.8CVSS5.8AI score0.00015EPSS

Exploits1References1