Lucene search
K

491 matches found

SUSE Linux
SUSE Linux
added 2026/06/12 2:0 p.m.7 views

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue CVE-2026-42050: stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.13 views

Important: libheif

Issue Overview: libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap...

8.8CVSS5.5AI score0.00514EPSS
Exploits1
OSV
OSV
added 2026/06/05 3:18 p.m.10 views

JLSEC-2026-572

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.3AI score0.00514EPSS
Exploits1References2
OSV
OSV
added 2026/05/29 2:22 p.m.8 views

CLSA-2026-1780061802 Fix CVE(s): CVE-2026-42050

SECURITY UPDATE: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when right-clicking a tile to invoke the Load / Update menu item - debian/patches/CVE-2026-42050.patch: fix stack-based buffer overflow in XTileImage triggered by a malicious MIFF file when...

5.5CVSS6.1AI score0.0013EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/27 4:17 a.m.3 views

SUSE CVE-2023-29452

Currently, geomap configuration Administration - General - Geographical maps allows using HTML in the field “Attribution text” when selected “Other” Tile provider...

5.5CVSS6AI score0.62046EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.19 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3305 (ALAS-2026-3305)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3305 advisory. Stack buffer overflow in XTileImage CVE-2026-42050 Tenable has extracted the preceding description block directly from the...

5.5CVSS6AI score0.0013EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.85 views

Linux Distros Unpatched Vulnerability : CVE-2026-32740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile...

8.8CVSS6AI score0.00514EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg (UTSA-2026-016638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016638 advisory. Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or...

8.8CVSS7.4AI score0.05515EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.17 views

SUSE CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

7.8CVSS5.8AI score0.00514EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in openimageio

There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...

9.8CVSS9AI score0.01813EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Zabbix

Currently, the geomap configuration Administration - General - Geographical maps allows the use of HTML in the “Attribution text” field when the “Other” Tile provider is selected...

5.5CVSS5.6AI score0.62046EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in gst-plugins-bad1.0

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

8.8CVSS7.8AI score0.01559EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.12 contains multiple buffer overflows due to vulnerabilities in the numtilecolumns and numtilerow parameters of the picparameterset::dump function...

8.1CVSS6.6AI score0.00979EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in openexr

A flaw was discovered in the function dataWindowForTile of the IlmImf/ImfTiledMisc.cpp file. An attacker who can submit a crafted file for processing with OpenEXR could trigger an integer overflow, resulting in an out-of-bounds write operation on the heap. The most significant impact of this flaw...

6.1CVSS6.9AI score0.00809EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in openexr

There is a flaw in OpenEXR’s deep tile sample size calculations in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could trigger an integer overflow, resulting in an out-of-bounds read. The greatest risk of this flaw is to the application’s...

5.5CVSS6.8AI score0.0096EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 11:19 p.m.14 views

CVE-2026-32740

A flaw was found in libheif, a library for decoding and encoding HEIF and AVIF image files. This heap-buffer-overflow vulnerability allows a remote attacker to write arbitrary data beyond the intended memory boundary. By crafting a malicious HEIF/AVIF file with a specific grid tile configuration,...

8.8CVSS6.3AI score0.00514EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/19 11:9 p.m.10 views

CVE-2026-32814

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. When processing a specially crafted HEIF or AVIF image containing a corrupted grid tile, the library fails to properly initialize memory. This can lead to an information disclosure, where uninitialized heap memory,...

6.5CVSS5.8AI score0.00303EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/19 9:51 p.m.9 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...

8.8CVSS6.2AI score0.00514EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/19 9:51 p.m.13 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the decoding process of grid-based HEIF or AVIF images when a corrupted tile fails to decode and the library returns a success status, resulting in uninitialized heap memory being exposed as pixel data. ...

7.1CVSS5.8AI score0.00303EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 8:16 p.m.27 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS0.00514EPSS
Exploits1References5
Rows per page
Query Builder