31 matches found
TencentOS Server 2: ImageMagick (TSSA-2026:0252)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0252 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
ImageMagick security update
6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal SVG decoder CVE-2026-25985 6.9.10.68-7.0.5 - Fix...
Oracle Linux 7 : ImageMagick (ELSA-2026-6713)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6713 advisory. - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memor...
Debian dla-4539 : imagemagick - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4539 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4539-1 [email protected]...
Oracle Linux 7 : ImageMagick (ELSA-2026-5573)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-5573 advisory. - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the interna...
ROOT-OS-DEBIAN-12-CVE-2026-25985 CVE-2026-25985 in rootio-imagemagick - Patched by Root
Root has patched CVE-2026-25985 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-25985 CVE-2026-25985 in rootio-imagemagick - Patched by Root
Root has patched CVE-2026-25985 in the rootio-imagemagick package for Root:Debian:11. Multiple fixed versions available...
CVE-2026-25985
creationtimestamp| type| source ---|---|--- 2026-02-24 02:18:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfl3zrlwzm2c 2026-02-25 15:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfox3ibmdy2q 2026-03-30 07:02:32+00:00| seen|...
CVE-2026-25985
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...
Linux Distros Unpatched Vulnerability : CVE-2026-25985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file...
CVE-2026-25985
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...
CVE-2024-25985
In bigounlockedioctl of bigo.c, there is a possible UAF due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-25985
Cross-Site Request Forgery CSRF vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5...
CVE-2021-25985
In Factor App Framework & Headless CMS v1.0.4 to v1.8.30, improperly invalidate a user’s session even after the user logs out of the application. In addition, user sessions are stored in the browser’s local storage, which by default does not have an expiration time. This makes it possible for an...
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...
CVE-2025-25985
An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/userinfo.ini components...
CVE-2025-25985
creationtimestamp| type| source ---|---|--- 2025-04-18 20:33:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln4hrgkrn42g 2025-04-18 20:59:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12546 2025-04-18 23:16:07+00:00| seen|...
CVE-2025-25985
An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/userinfo.ini components...
CVE-2025-25985
An issue in Macro-video Technologies Co.,Ltd V380E6C1 IP camera HwHsAKPIQpWFXHR 1020302 allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/userinfo.ini components...
Exploit for Observable Discrepancy in Macro-Video V380_Pro
v380 IP camera research !Report versionhttps://img.shields...