Search CVE reports
361 – 370 of 1279 results
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error,...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Not affected | Not affected | Not affected |
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Not affected | Not affected |
Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic.
4 affected packages
golang-github-golang-protobuf-1-3, golang-github-golang-protobuf-1-5, golang-goprotobuf, google-guest-agent
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-github-golang-protobuf-1-3 | Not in release | Needs evaluation | Not in release | Not in release | Ignored |
| golang-github-golang-protobuf-1-5 | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
| golang-goprotobuf | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| google-guest-agent | Not affected | Not affected | Not affected | Not affected | Not affected |
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Not affected | Not affected | Not affected |
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Not affected | Not affected | Not affected |
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | — | — | Ignored | Ignored | Ignored |
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Fixed | Fixed |
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of...
6 affected packages
emacs, emacs23, emacs24, emacs25, xemacs21, xemacs21-packages
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| emacs | — | — | Not affected | Not affected | Not in release |
| emacs23 | — | — | Not in release | Not in release | Not in release |
| emacs24 | — | — | Not in release | Not in release | Not in release |
| emacs25 | — | — | Not in release | Not in release | Not affected |
| xemacs21 | — | — | Not affected | Not affected | Not affected |
| xemacs21-packages | — | — | Not affected | Not affected | Not affected |
Some fixes available 13 of 74
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
9 affected packages
darktable, exactimage, dcraw, rawtherapee, kodi...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| digikam | Not affected | Not affected | Fixed | Fixed | Fixed |
| libraw | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| ufraw | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read...
1 affected package
imagemagick
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| imagemagick | Fixed | Fixed | Fixed | Not affected | Not affected |