Lucene search
K

125 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-55595

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. This vulnerability allows an attacker to trigger an infinite loop by providing invalid arguments to the connected-components option. Successful exploitation of this flaw can lead to ...

4.7CVSS5.6AI score0.0009EPSS
Exploits0References4
NVD
NVD
added 2 days ago3 views

CVE-2026-55595

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
CVE
CVE
added 2 days ago41 views

CVE-2026-55595

ImageMagick is affected by a vulnerability in the connected-components option. Prior to versions 6.9.13-51 and 7.1.2-26, providing invalid arguments to this option can cause an infinite loop (local attack vector, high availability impact) as described in the CVE notes. The issue has been fixed in...

4.7CVSS5.8AI score0.0009EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-55595 ImageMagick: Infinite Loop in connected-components when providing invalid arguments

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...

4.7CVSS0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added last week7 views

CVE-2026-56370

An out-of-bounds access vulnerability exists in ImageMagick's ConnectedComponentsImage function. By passing malformed connected-components definitions through the CLI, an attacker can cause a denial of service or potentially execute arbitrary code. Mitigation Prevent the injection of malformed...

7.8CVSS6.2AI score0.00121EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with inval...

7.8CVSS6AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 1:16 p.m.11 views

CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

7.8CVSS0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 11:53 a.m.37 views

CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 11:53 a.m.14 views

CVE-2026-56370

ImageMagick: CVE-2026-56370 is an out-of-bounds access vuln in ConnectedComponentsImage() when handling malformed connected-components artifacts, affecting ImageMagick before version 7.1.2-19. An invalid indices scenario via CLI can trigger access violations, potentially causing denial of service...

7.8CVSS6AI score0.00121EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 11:53 a.m.6 views

CVE-2026-56370

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

7.8CVSS6AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 11:53 a.m.12 views

EUVD-2026-38756

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS6AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 1:25 p.m.2 views

SUSE-SU-2026:2580-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues This update for ImageMagick fixes the following issues - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. -...

7.5CVSS6.1AI score0.01849EPSS
Exploits2References59
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.14 views

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1826)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1826 advisory. When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. as per:...

7.5CVSS6.1AI score0.01849EPSS
Exploits2References32
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Handling jset if a & b ... as a jump in CFG computation. BPFJSET is a conditional jump, and currently, verifier.c:canjump does not take this into account. This can lead to incorrect live registers and incorrect SCC Set of...

5.5CVSS5.3AI score0.00134EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/12 2:26 a.m.7 views

SUSE CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.4AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 11:33 p.m.9 views

CVE-2026-45359

A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...

7.1CVSS5.2AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 10:16 p.m.9 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS0.00122EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/10 9:26 p.m.9 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS5.5AI score0.00122EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/10 9:26 p.m.8 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS5.5AI score0.00122EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/10 9:26 p.m.29 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS0.00122EPSS
Exploits0References1
Rows per page
Query Builder