21 matches found

Cvelist
added 2 days ago, 23 views

CVE-2026-47166 ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versio...

CVSS 5.7, EPSS 0.00011
Exploits: 0, References: 1

Vulnrichment
added 2 days ago, 5 views

CVE-2026-47166 ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process. This issue has been patched in versio...

CVSS 5.7, AI score 5.6, EPSS 0.00011
Exploits: 0, References: 1

CVE
added 2 days ago, 9 views

CVE-2026-47166

Summary (CVE-2026-47166): ImageMagick’s distributed pixel cache server is vulnerable to a heap buffer over-read when a privileged, local attacker can connect to the magick -distribute-cache service. This flaw could lead to information disclosure (and potential DoS) in affected server processes. Th...

CVSS 5.7, AI score 5.6, EPSS 0.00011
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2 days ago, 3 views

CVE-2026-46693 ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue ha...

CVSS 4.1, AI score 5.3, EPSS 0.0001
Exploits: 0, References: 1

CVE
added 2 days ago, 15 views

CVE-2026-46693

Summary: CVE-2026-46693 affects ImageMagick’s distributed pixel cache server. A race condition can allow a privileged attacker who can connect to a magick -distribute-cache service to hijack a file descriptor in the server process. The issue is specifically tied to the distributed cache mechanis...

CVSS 4.1, AI score 5.3, EPSS 0.0001
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2 days ago, 25 views

CVE-2026-46692 ImageMagick: Heap Buffer Over-Write in distributed pixel cache server

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in...

CVSS 4.1, EPSS 0.00012
Exploits: 0, References: 1

Vulnrichment
added 2 days ago, 4 views

CVE-2026-46692 ImageMagick: Heap Buffer Over-Write in distributed pixel cache server

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in...

CVSS 4.1, AI score 5.5, EPSS 0.00012
Exploits: 0, References: 1

Tenable Nessus
added 2026/05/29 12:00 a.m., 15 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-47 or 7.x prior to 7.1.2-22. It is, therefore, affected by multiple vulnerabilities: — An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race...

CVSS 5.7, AI score 6, EPSS 0.00014
Exploits: 0, References: 6

Github Security Blog
added 2026/05/22 1:14 p.m., 13 views

ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process...

CVSS 5.7, AI score 5.9, EPSS 0.00011
Exploits: 0, References: 2, Affected Software: 17

OSV
added 2026/05/22 1:14 p.m., 6 views

GHSA-6GXQ-F64P-5W6F ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process...

CVSS 5.7, AI score 5.9, EPSS 0.00011
Exploits: 0, References: 2

Positive Technologies
added 2026/05/21 12:00 a.m., 6 views

PT-2026-42812

Name of the Vulnerable Software and Affected Versions: ImageMagick, affected versions not specified. Description: A race condition in the magick -distribute-cache service allows a remote attacker to hijack a file descriptor within the server process. Recommendations: At the moment, there is no...

CVSS 4.1, AI score 5.5, EPSS 0.00012
Exploits: 0, References: 39

Microsoft KB
added 2025/06/10 7:00 a.m., 12 views

Description of the security update for SharePoint Server 2019: June 10, 2025 (KB5002729)

Description of the security update for SharePoint Server 2019: June 10, 2025 (KB5002729). Summary: This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities, see the...

CVSS 8.8, AI score 7.6, EPSS 0.1394
Exploits: 2

Microsoft KB
added 2023/05/09 7:00 a.m., 76 views

Description of the security update for SharePoint Server 2019: May 9, 2023 (KB5002389)

Description of the security update for SharePoint Server 2019: May 9, 2023 (KB5002389). Summary: This security update resolves a Microsoft SharePoint Server spoofing vulnerability, Microsoft SharePoint Server information disclosure vulnerability, and Microsoft SharePoint Server remote code execution...

CVSS 7.2, AI score 8.8, EPSS 0.91789
Exploits: 7

Microsoft KB
added 2023/05/09 7:00 a.m., 95 views

Description of the security update for SharePoint Server Subscription Edition: May 9, 2023 (KB5002390)

Description of the security update for SharePoint Server Subscription Edition: May 9, 2023 (KB5002390). Summary: This security update resolves a Microsoft SharePoint Server spoofing vulnerability, Microsoft SharePoint Server information disclosure vulnerability, and Microsoft SharePoint Server remote...

CVSS 7.2, AI score 7.8, EPSS 0.91789
Exploits: 7

Github Security Blog
added 2022/05/17 4:20 a.m., 22 views

Improper Link Resolution Before File Access in Apache Hadoop

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...

CVSS 5, AI score 8.2, EPSS 0.01303
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2022/05/17 4:20 a.m., 6 views

GHSA-JPMF-8CJ2-595G Improper Link Resolution Before File Access in Apache Hadoop

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...

CVSS 5, AI score 7.2, EPSS 0.01303
Exploits: 0, References: 2

Microsoft KB
added 2017/10/10 7:00 a.m., 100 views

Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017

Description of the security update for SharePoint Enterprise Server 2016: October 10, 2017. Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...

CVSS 9.3, AI score 7.7, EPSS 0.91693
Exploits: 3

CNVD
added 2015/09/27 12:00 a.m., 3 views

IBM WebSphere eXtreme Scale Security Bypass Vulnerability

IBM WebSphere eXtreme Scale is a distributed caching solution. IBM WebSphere Extreme Scale failed to properly handle logout operations, allowing an attacker to exploit a vulnerability to bypass security restrictions on other user sessions...

CVSS 2.1, AI score 6.8, EPSS 0.00135
Exploits: 0, References: 1

NVD
added 2014/12/05 4:59 p.m., 15 views

CVE-2014-3627

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...

CVSS 5, AI score 6.5, EPSS 0.01303
Exploits: 0, References: 3

Prion
added 2014/12/05 4:59 p.m., 15 views

Authentication flaw

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...

CVSS 5, AI score 7, EPSS 0.01303
Exploits: 0, References: 3, Affected Software: 1