Lucene search
K

7 matches found

EUVD
EUVD
added 2026/07/01 2:41 a.m.7 views

EUVD-2026-40869

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS7.4AI score0.1308EPSS
Exploits2References2
CVE
CVE
added 2026/06/22 2:55 p.m.54 views

CVE-2026-53655

node-tar (node-tar) before version 7.5.16 is vulnerable: it applies a PAX extended header size override to the next header entry, including intermediary L/K/x headers, which desynchronizes the stream cursor from other tar implementations. This yields a tar-parser interpretation differential (CWE-...

6.9CVSS5.9AI score0.00107EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2026/04/13 9:32 p.m.5 views

CVE-2026-40310

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 an...

5.5CVSS5.2AI score0.00189EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, the WriteSVGImage function contained a vulnerability where using an integer variable to store numberattributes could lead to integer overflow. This, in turn, triggered a buffe...

7.5CVSS5.8AI score0.00524EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2026/01/09 5:57 p.m.10 views

K000159043: ImageMagick vulnerability CVE-2025-69204

Security Advisory Description ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store numberattributes caused an integer overflow. This, in turn, triggered a buffer...

7.5CVSS7.4AI score0.00524EPSS
Exploits1
Atlassian
Atlassian
added 2025/12/10 2:25 a.m.17 views

XXE (XML External Entity Injection) Tika Dependency Vulnerability in Crowd Data Center and Server

This Crowd release includes updates to our Apache Tika dependency in response to CVE-2025-66516. Our security team has assessed that the current scope of this CVE does not present the same critical risk in our products, as our use of the dependency doesn’t support the known path for exploitation...

9.8CVSS7.9AI score0.79807EPSS
Exploits5
OSV
OSV
added 2025/03/31 4:7 p.m.14 views

CVE-2025-30149 OpenEMR Reflected XSS in AJAX Script

OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting XSS in the AJAX Script interface\super\layoutlistitemsajax.php via the target parameter. This vulnerability is fixed in 7.0.3...

6.4CVSS6.1AI score0.00299EPSS
Exploits1References4
Rows per page
Query Builder