Lucene search
K

124 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/27 2:2 a.m.5 views

CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

7.8CVSS6.1AI score0.00243EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2026/02/27 2:2 a.m.9 views

CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...

7.8CVSS5.7AI score0.00243EPSS
Exploits1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.9 views

libvips 输入验证错误漏洞

libvips is an open-source fast image processing library with low memory requirements. Version 8.19.0 of libvips contains a vulnerability related to input validation errors. This vulnerability stems from incorrect handling of the extractarea parameter in the function vipsextractareabuild located i...

5.5CVSS5.8AI score0.00214EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.26 views

PT-2026-22285

A vulnerability was detected in libvips 8.19.0. This affects the function vips bandrank build of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now...

5.3CVSS5.9AI score0.00243EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.7 views

PT-2026-22288

A vulnerability was found in libvips 8.19.0. Impacted is the function vips extract area build of the file libvips/conversion/extract.c. The manipulation of the argument extract area results in integer overflow. The attack requires a local approach. The exploit has been made public and could be...

4.8CVSS4.7AI score0.00214EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation...

7.8CVSS5.5AI score0.00209EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/25 6:17 a.m.2 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in the vipsforeignloadmatrixheader function. An attacker can cause memory corruption by providing specially crafted input files to the affected process. Remediation A fix was pushed into the master branch but not yet...

7.8CVSS6.1AI score0.00184EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/25 4:16 a.m.2 views

CVE-2026-3147

A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could be used. The patch i...

7.8CVSS6AI score0.00209EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/25 3:16 a.m.4 views

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

5.5CVSS5.3AI score0.00167EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2026/02/25 3:2 a.m.8 views

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

5.5CVSS3.9AI score0.00167EPSS
Exploits1
Snyk
Snyk
added 2026/02/22 6:56 a.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the vipssourcereadtomemory function. An attacker can cause a crash or disrupt service by providing a specially crafted custom seekable source larger than 4 GiB, leading to a heap-based buffer overflow...

7CVSS5.8AI score0.00182EPSS
Exploits1References2
OSV
OSV
added 2026/02/22 4:15 a.m.5 views

UBUNTU-CVE-2026-2913

A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...

7CVSS5.4AI score0.00182EPSS
Exploits1References10
OSV
OSV
added 2026/02/22 4:2 a.m.5 views

CVE-2026-2913 libvips source.c vips_source_read_to_memory heap-based overflow

A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...

2CVSS5.4AI score0.00182EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/02/22 4:2 a.m.4 views

CVE-2026-2913 libvips source.c vips_source_read_to_memory heap-based overflow

A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...

2.5CVSS4AI score0.00182EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/02/22 4:2 a.m.7 views

CVE-2026-2913

A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...

2.5CVSS5.2AI score0.00182EPSS
Exploits1References8
CVE
CVE
added 2026/02/22 4:2 a.m.58 views

CVE-2026-2913

CVE-2026-2913 (libvips) : A heap-based buffer overflow is triggered in vips_source_read_to_memory within libvips/iofuncs/source.c, affecting libvips up to 8.19.0. The vulnerability can be exploited locally, with high attack complexity and high impact on availability and integrity as described. Th...

7CVSS4.7AI score0.00182EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.11 views

PT-2026-21413

A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips source read to memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rate...

2.5CVSS5.2AI score0.00182EPSS
Exploits1References9
Fedora
Fedora
added 2025/12/18 1:12 a.m.9 views

[SECURITY] Fedora 42 Update: vips-8.17.3-1.fc42

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

7.8CVSS6.9AI score0.00176EPSS
Exploits0
Fedora
Fedora
added 2025/12/18 12:59 a.m.9 views

[SECURITY] Fedora 43 Update: vips-8.17.3-1.fc43

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

7.8CVSS6.9AI score0.00176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.6 views

Fedora 42 : vips (2025-107641b428)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-107641b428 advisory. New version of vips. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

7.8CVSS5.5AI score0.00176EPSS
Exploits0References2
Rows per page
Query Builder