182 matches found
CVE-2026-5443
A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...
UBUNTU-CVE-2026-5443
A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...
CVE-2026-5443 Heap Buffer Overflow in DICOM Image Decoder (Palette Color Decode)
A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...
CVE-2026-5443
A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...
CVE-2026-5443
CVE-2026-5443 is a heap buffer overflow in the DICOM image palette-color decoder. The 32-bit width×height calculation for pixel length allows overflow, causing validation to pass and enabling reads/writes beyond allocated buffers. Connected sources confirm Orthanc as affected and describe the sam...
PT-2026-31632
A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to read and write to memor...
Linux Distros Unpatched Vulnerability : CVE-2026-5443
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow vulnerability exists during the decoding of PALETTE COLOR DICOM images. Pixel length validation uses 32-bit multiplication for width and...
CVE-2026-34404
Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a Denial of Service DoS vulnerability. The issue arises because there is no restriction on the width and height...
SUSE CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
Nuxt OG Image is vulnerable to Denial of Service via unbounded image dimensions
Product: Nuxt OG Image Version: 6.1.2 CWE-ID: CWE-404: Improper Resource Shutdown or Release Description: Failure to limit the length and width of the generated image results in a denial of service. Impact: Denial of service Exploitation condition: An external user Mitigation: Implement a...
CVE-2026-34404
CVE-2026-34404 affects Nuxt OG Image. The vulnerability is in the image-generation component accessed via /_og/d/ (and older /og-image/), where unbounded width/height parameters allow a Denial of Service. Affected versions prior to 6.2.5 are exploitable; the issue has been patched in version 6.2....
nuxt-og-image 资源管理错误漏洞
nuxt-og-image is a tool developed by Nuxt Modules for generating social media previews for Nuxt applications. Versions of nuxt-og-image prior to 6.2.5 contained a resource management vulnerability. This vulnerability stemmed from the image generation component having no restrictions on the width...
CVE-2026-33986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
EUVD-2026-17233
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...
EUVD-2026-16894
A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...
CVE-2026-4985
A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...
CVE-2026-4985 dloebl CGIF GIF Image cgif.c cgif_addframe integer overflow
A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...
PT-2026-28705
Name of the Vulnerable Software and Affected Versions dloebl CGIF versions up to 0.5.2 Description A flaw exists in dloebl CGIF up to version 0.5.2 related to integer overflow within the cgif addframe function located in the src/cgif.c file of the GIF Image Handler component. The issue stems from...
cgif 安全漏洞
CGIF was developed by Daniel Löbl personally. Versions of CGIF 0.5.2 and earlier contained security vulnerabilities, which were caused by incorrect handling of parameters width/height, leading to integer overflows...
CVE-2026-33418
DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the ensureSize function in @dicebear/converter used a regex-based approach to rewrite SVG width/height attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafti...