Lucene search
+L

109 matches found

OSV
OSV
added 4 days ago3 views

CVE-2026-59198 Pillow TGA RLE encoder can serialize up to ~57 KB of adjacent heap data into generated images

Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0...

6.5CVSS6.1AI score0.00313EPSS
Exploits1References6
OSV
OSV
added 2026/07/08 11:34 a.m.7 views

BIT-PILLOW-2026-55379 Pillow BdfFontFile`: `Image.new()` called without `_decompression_bomb_check()` — bomb protection bypass via font loading

Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdfchar read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new without calling Image.decompressionbombcheck, bypassing Pillow's documented decompression bomb protection...

7.5CVSS5.9AI score0.00364EPSS
Exploits1References4
OSV
OSV
added 2026/07/08 11:34 a.m.6 views

BIT-PILLOW-2026-54060 Pillow: `FontFile.compile()`: `Image.new()` called without `_decompression_bomb_check()`

Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile assembled per-glyph images into a combined bitmap with Image.new"1", xsize, ysize without calling Image.decompressionbombcheck, allowing a font to trigger excessive allocation during conversion or saving. This...

7.5CVSS5.9AI score0.00361EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py loadbitmaps read glyph dimensions from the PCF METRICS section and passed them directly ...

7.5CVSS6.4AI score0.00354EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/06 6:52 p.m.6 views

EUVD-2026-41902

Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdfchar read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new without calling Image.decompressionbombcheck, bypassing Pillow's documented decompression bomb protection...

7.5CVSS6AI score0.00364EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:52 p.m.5 views

CVE-2026-55379

Pillow is a Python imaging library. Prior to 12.3.0, PIL/BdfFontFile.py bdfchar read the BBX width and height field from a BDF font file and passed attacker-controlled dimensions to Image.new without calling Image.decompressionbombcheck, bypassing Pillow's documented decompression bomb protection...

7.5CVSS6AI score0.00364EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/07/06 6:46 p.m.6 views

CVE-2026-54059

Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py loadbitmaps read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes without calling Image.decompressionbombcheck, allowing crafted PCF font data to cause excessive memory allocation. Thi...

7.5CVSS6AI score0.00354EPSS
Exploits1
EUVD
EUVD
added 2026/04/07 12:30 a.m.20 views

EUVD-2026-19484

OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript by submitting malicious User-Agent HTTP headers to the /ocsinventory endpoint. Attackers can register rogue agents or craft...

5.4CVSS6.2AI score0.00218EPSS
Exploits0References4
OSV
OSV
added 2026/03/27 2:24 p.m.3 views

CVE-2026-27876 RCE on Grafana via sqlExpressions

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...

9.1CVSS8AI score0.01929EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/25 3:31 p.m.4 views

EUVD-2026-15421

Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. Fixed in 12.3.6...

6.9CVSS5.8AI score0.0034EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 1:34 a.m.3 views

CVE-2026-33307 mod_gnutils has stack-based buffer overflow caused by a long client certificate chain

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

7.5CVSS6AI score0.00342EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/21 12:0 a.m.10 views

Acute Systems TransMac 缓冲区错误漏洞

Acute Systems TransMac is a tool software developed by Acute Systems that allows access and management of Mac disks and file systems on Windows systems. Version 12.3 of Acute Systems TransMac contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the volume name...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
CVE
CVE
added 2026/03/18 3:22 a.m.13 views

CVE-2026-32256

CVE-2026-32256 affects the music-metadata library in the ASF parser path (parseExtensionObject in lib/asf/AsfParser.ts). Before version 11.12.3, if a sub-object inside the ASF Header Extension Object has objectSize = 0, the parser can enter an infinite loop, causing an application hang. Version 1...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/25 4:7 a.m.8 views

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

6.1CVSS3.8AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 5:29 p.m.7 views

CVE-2026-27571

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The WebSockets handling of NATS messages handles compressed messages via the WebSockets negotiated compression. Prior to versions 2.11.2 and 2.12.3, the implementation bound the memory size of a NATS...

7.5CVSS0.00478EPSS
Exploits0References4
CVE
CVE
added 2026/02/24 3:59 p.m.41 views

CVE-2026-27571

NATS-Server WebSockets handling is vulnerable to a pre-auth memory DoS via a compression bomb. Prior to v2.11.2 and v2.12.3, memory bounds for a NATS message were not independently applied to the memory stream, allowing excessive memory consumption and potential OS termination. The issue is explo...

7.5CVSS5.7AI score0.00478EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/02/24 2:2 a.m.33 views

CVE-2026-3054

The CVE affects Alinto SOGo 5.12.3/5.12.4 . The vulnerability is in an unknown function where manipulating the argument hint leads to cross-site scripting (XSS) . It is described as injectable remotely with an exploit publicly available . The vendor was contacted but did not respond. The document...

6.1CVSS3.8AI score0.00398EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.9 views

Alinto SOGo 代码注入漏洞

Alinto SOGo is an open-source collaboration office software developed by Alinto. Versions 5.12.3 and 5.12.4 of Alinto SOGo contain a code injection vulnerability. This vulnerability stems from incorrect handling of parameter hints, which may lead to cross-site scripting attacks...

6.1CVSS5.7AI score0.00398EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site...

6.1CVSS4.3AI score0.00398EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.9 views

Tendenci security vulnerabilities

Tendenci is a membership management software developed by Tendenci Inc. in the United States, primarily used by non-profit organizations and associations. This software supports functions such as member management, content management, event management, and online donation management. Version 12.3...

9.8CVSS6AI score0.10683EPSS
Exploits1References4
Rows per page
Query Builder