Lucene search
+L

181 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-61868

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS0.00222EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-61868 ImageMagick before 7.1.2-26 Memory Leak in YUV Decoder

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS0.00222EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-44617

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS6.1AI score0.00222EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

CVE-2026-61868 ImageMagick before 7.1.2-26 Memory Leak in YUV Decoder

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS6.1AI score0.00222EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:27 a.m.3 views

OESA-2026-2829 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...

8.8CVSS6.3AI score0.00477EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2026/06/29 5:7 a.m.9 views

CVE-2026-8461

A flaw was found in FFmpeg's libavcodec library. This out-of-bounds write vulnerability, specifically within the MagicYUV decoder, could allow a remote attacker to execute arbitrary code on the affected system. In other scenarios, it may lead to a denial-of-service, making the system unavailable...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...

8.2CVSS6AI score0.00323EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer overflow vulnerability in the ReadYUVImage function coders/yuv.c, when processing malicious YUV 4:2:2 NoInterlace images. This...

9.8CVSS7.4AI score0.00461EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in the YUV sampling factor validation allowed an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading,...

7.5CVSS6.6AI score0.00385EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:29 a.m.6 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.6AI score0.00477EPSS
Exploits3References2
EUVD
EUVD
added 2026/06/18 11:29 a.m.14 views

EUVD-2026-37878

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.7AI score0.00477EPSS
Exploits3References1
Redos
Redos
added 2026/06/15 12:0 a.m.9 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 12:33 a.m.11 views

EUVD-2026-35240

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00231EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libsdl1.2

It was discovered that SDL v1.2 contains a use-after-free issue due to the XFree function in the file /src/video/x11/SDLx11yuv.c...

7.5CVSS7.2AI score0.00969EPSS
Exploits1References2
OSV
OSV
added 2026/04/30 4:54 p.m.4 views

OPENSUSE-SU-2026:20657-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

9.8CVSS6.1AI score0.00656EPSS
Exploits19References56
OSV
OSV
added 2026/04/14 3:22 p.m.11 views

CLSA-2026-1776180138 Fix of 12 CVEs

SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 SECURIT...

9.8CVSS7AI score0.00792EPSS
Exploits4References1
OSV
OSV
added 2026/04/14 3:5 p.m.12 views

CLSA-2026-1776179155 Fix of 8 CVEs

SECURITY UPDATE: fix division by zero in YUV coder - debian/patches/CVE-2026-25799.patch: fix division by zero in YUV coder - CVE-2026-25799 SECURITY UPDATE: fix NULL pointer dereference in SFW coder - debian/patches/CVE-2026-25795.patch: fix NULL pointer dereference in SFW coder - CVE-2026-25795...

7.5CVSS6.6AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2026/04/14 11:56 a.m.9 views

CLSA-2026-1776167812 ImageMagick: Fix of 5 CVEs

CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...

7.5CVSS6.7AI score0.00851EPSS
Exploits1References1
Amazon
Amazon
added 2026/04/14 12:0 a.m.17 views

Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In...

9.8CVSS6.1AI score0.00323EPSS
Exploits6
OSV
OSV
added 2026/04/08 8:30 p.m.10 views

CLSA-2026-1775669370 ImageMagick: Fix of CVE-2026-25986

CVE-2026-25986: heap buffer overflow write in YUV decoder when image dimensions are not properly validated...

9.8CVSS6AI score0.00461EPSS
Exploits0References1
Rows per page
Query Builder