Lucene search
K

124 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Fedora 43 : vips (2026-3b2ddea116)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3b2ddea116 advisory. - update to v8.18.3 - enable uhdr - fix several security issues Tenable has extracted the preceding description block directly from the Fedora...

7.8CVSS6AI score0.00243EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Fedora 44 : vips (2026-b9f00ad1b7)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b9f00ad1b7 advisory. - update to v8.18.3 - enable uhdr - fix several security issues Tenable has extracted the preceding description block directly from the Fedora...

7.8CVSS6AI score0.00243EPSS
Exploits8References9
ATTACKERKB
ATTACKERKB
added 2026/04/17 1:45 p.m.4 views

CVE-2026-6491

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3CVSS5.6AI score0.0016EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/17 1:45 p.m.38 views

CVE-2026-6491 libvips nip2 vips7compat.c im_minpos_vec heap-based overflow

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3CVSS0.0016EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2026/03/03 12:0 a.m.129 views

📄 libvips 8.19.0 VIPS Image Extraction Crash / Auditor

This Python script performs a comprehensive security and stability audit of the vips image processing binary. It tests the extractarea function using extreme int32 and uint32 values as well as normal ranges to detect crashes, memory corruption, or buffer overflows. The audit automates setup,...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-3281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation...

7.8CVSS5.8AI score0.00243EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/02 12:42 p.m.7 views

CVE-2026-3281

A flaw was found in libvips. A local attacker can exploit a heap-based buffer overflow vulnerability by manipulating the argument index in the vipsbandrankbuild function. This can lead to information disclosure, data modification, or denial of service...

7.8CVSS6AI score0.00243EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-3283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulatio...

7.1CVSS4AI score0.0022EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/27 6:15 a.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the vipsbandrankbuild function. An attacker can execute arbitrary code, cause a denial of service, or potentially escalate privileges by manipulating the index argument to trigger a heap-based buffer...

7.8CVSS6.4AI score0.00243EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/27 6:15 a.m.4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the vipsextractbandbuild function. An attacker can access sensitive information by supplying crafted arguments to trigger an out-of-bounds read. Remediation A fix was pushed into the master branch but not yet...

7.1CVSS5.9AI score0.0022EPSS
Exploits1References2
OSV
OSV
added 2026/02/27 3:16 a.m.5 views

DEBIAN-CVE-2026-3282

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vipsunpremultiplybuild of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alphaband can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

7.1CVSS4.1AI score0.0022EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 3:16 a.m.3 views

CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vipsextractbandbuild of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

7.1CVSS5.2AI score
Exploits0References8
NVD
NVD
added 2026/02/27 3:16 a.m.9 views

CVE-2026-3282

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vipsunpremultiplybuild of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alphaband can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

7.1CVSS0.0022EPSS
Exploits1References8
OSV
OSV
added 2026/02/27 3:16 a.m.9 views

UBUNTU-CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

5.5CVSS5.6AI score0.00214EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2026/02/27 3:2 a.m.4 views

CVE-2026-3284 libvips extract.c vips_extract_area_build integer overflow

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

4.8CVSS5.8AI score0.00214EPSS
Exploits2References8
Debian CVE
Debian CVE
added 2026/02/27 3:2 a.m.7 views

CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...

5.5CVSS4.3AI score0.00214EPSS
Exploits2
CVE
CVE
added 2026/02/27 2:32 a.m.19 views

CVE-2026-3283

CVE-2026-3283 affects libvips 8.19.0, specifically the vips_extract_band_build function in libvips/conversion/extract.c. The issue arises from manipulation of the extract_band argument, leading to an out-of-bounds read. Exploitation is described as local, with public disclosure of the exploit. A ...

7.1CVSS4.5AI score0.0022EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2026/02/27 2:32 a.m.23 views

CVE-2026-3282

The CVE-2026-3282 entry affects libvips 8.19.0, specifically the vips_unpremultiply_build function in libvips/conversion/unpremultiply.c. The vulnerability arises when manipulating the alpha_band argument, which can cause an out-of-bounds read. Exploitation is described as local, and multiple sou...

7.1CVSS4.5AI score0.0022EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/02/27 2:16 a.m.6 views

DEBIAN-CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

7.8CVSS5.7AI score0.00243EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 2:16 a.m.7 views

UBUNTU-CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

7.8CVSS6AI score0.00243EPSS
Exploits1References10
Rows per page
Query Builder