23089 matches found
Use of Externally-Controlled Format String
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use of Externally-Controlled Format String
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use of Externally-Controlled Format String
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
GHSA-9CCG-6PJW-X645 ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution
Summary A format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code...
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution
Summary A format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code...
gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
LlamaIndex affected by a Denial of Service (DOS) in JSONReader
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
Linux Distros Unpatched Vulnerability : CVE-2021-40609
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. CVE-2021-40609 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2024-28569
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the Imf22::Xdr::read function when...
Linux Distros Unpatched Vulnerability : CVE-2018-3769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ruby-grape ruby gem suffers from a cross-site scripting XSS vulnerability via format parameter. CVE-2018-3769 Note that Nessus relies on the presence of the...
ImageMagick 安全漏洞
ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick versions prior to 6.9.13-28 and 7.1.2-2, which stems from a format string vulnerability that...
Linux Distros Unpatched Vulnerability : CVE-2024-28574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the...
Linux Distros Unpatched Vulnerability : CVE-2024-28582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the rgbeRGBEToFloat function when...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...