43 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-20309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger...
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to log in to a susceptible device as the root user, allowing them ...
CVE-2025-20309 Cisco Unified Communications Manager Static SSH Credentials Vulnerability
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...
CVE-2025-20309
CVE-2025-20309 affects Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The root cause is static, hardcoded root credentials that cannot be changed or deleted, enabling an unauthenticated, remote attacker to log in using the root accoun...
CVE-2024-20309
A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware i...
CVE-2018-20309
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read...
Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This...
USN-6200-2: ImageMagick vulnerabilities
USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...
Amazon Linux 2 : ImageMagick (ALAS-2024-2559)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2559 advisory. A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined...
Low: ImageMagick
Issue Overview: A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability...
Cisco IOS XE Software Auxiliary Asynchronous Port DoS (cisco-sa-aux-333WBz8f)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This...
CVE-2024-20309
CVE-2024-20309 affects Cisco IOS XE Software AUX port handling. The vulnerability arises from incorrect processing of specific ingress data when flow-control hardware on the AUX port is enabled, allowing an authenticated, local attacker to reverse-telnet to the AUX port and send data to cause a d...
SUSE: Security Advisory (SUSE-SU-2023:4634-1)
The remote host is missing an update for the...
USN-6200-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...
Debian: Security Advisory (DLA-3429-1)
The remote host is missing an update for the Debian...
Debian dla-3429 : imagemagick - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3429 advisory. Debian LTS Advisory DLA-3429-1...
CVE-2023-26410 ZDI-CAN-20309: Adobe Substance 3D Designer USD File Parsing Use-After-Free Remote Code Execution Vulnerability
Adobe Substance 3D Designer version 12.4.0 and earlier is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Mageia: Security Advisory (MGASA-2022-0446)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-5736-1)
The remote host is missing an update for the...
CVE-2022-20309
creationtimestamp | type | source
---|---|---
2022-08-12 18:33:22+00:00 | seen | https://t.me/cibsecurity/48024...