Lucene search
K

220 matches found

Cvelist
Cvelist
added 2025/04/23 12:0 a.m.21 views

CVE-2025-43965

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

2.9CVSS0.00481EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/23 12:0 a.m.4 views

Sonos Era 300 资源管理错误漏洞

The Sonos Era 300 is a spatial audio speaker with Dolby Atmos Dolby Atmos from Sonos USA. The Sonos Era 300 suffers from a resource management error vulnerability that originates from SMB data processing without verifying object existence, which could lead to post-release reuse and remote code...

8.8CVSS8.9AI score0.00498EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/04/23 12:0 a.m.12 views

CVE-2025-43965

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...

7.5CVSS4.4AI score0.00481EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/04/23 12:0 a.m.15 views

CVE-2025-46393

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

2.9CVSS7.2AI score0.00345EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/11 1:48 a.m.7 views

CVE-2025-0122 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets

A denial-of-service DoS vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device...

5.1CVSS6.7AI score0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 10:23 p.m.8 views

CVE-2025-24244

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Processing a maliciously crafted font may result in the disclosure of process memory...

6AI score0.00303EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2017-11449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial...

8.8CVSS6.8AI score0.03389EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 1:42 p.m.11 views

CVE-2020-13561

An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS7.2AI score0.01855EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 5:20 a.m.3 views

CVE-2024-1892

A Regular Expression Denial of Service ReDoS vulnerability exists in the XMLFeedSpider class of the scrapy/scrapy project, specifically in the parsing of XML content. By crafting malicious XML content that exploits inefficient regular expression complexity used in the parsing process, an attacker...

7.5CVSS6.6AI score0.00553EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/01/10 12:0 a.m.5 views

The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage) allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Catalyst SD-WAN Manager formerly Cisco SD-WAN vManage relates to the lack of protection for the web page structure during the processing of element fields. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sendin...

6.4CVSS5.4AI score0.00307EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.6 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the web page structure when processing DOM elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00624EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/10/28 9:7 p.m.19 views

CVE-2024-44215

This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing an image may result in disclosure of process memory...

0.00329EPSS
Exploits0References8
Apple
Apple
added 2024/09/16 12:0 a.m.35 views

About the security content of macOS Ventura 13.7

About the security content of macOS Ventura 13.7 This document describes the security content of macOS Ventura 13.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

8.1CVSS6.8AI score0.07939EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/09/04 12:0 a.m.1 views

UBUNTU-CVE-2024-44082

In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data...

4.3CVSS5.8AI score0.00545EPSS
Exploits0References3
CVE
CVE
added 2024/07/29 10:16 p.m.116 views

CVE-2024-40789

CVE-2024-40789 is a WebKitGTK/WebKit-related out-of-bounds access issue. The initial CVE description notes an out-of-bounds access that could cause an unexpected process crash when processing malicious web content, with fixes across Apple platforms (iOS, iPadOS, macOS, Safari, watchOS, tvOS, visi...

6.5CVSS6.8AI score0.01135EPSS
Exploits0References28Affected Software7
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.5 views

Juniper Networks Junos OS Evolved Security Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS system. A security vulnerability exists in Juniper Networks Junos OS Evolved, which arises from a vulnerability in packet processing that does not properly check for anomalies or unusual conditions, allowing an...

8.2CVSS6.7AI score0.00398EPSS
Exploits0References2
OSV
OSV
added 2024/06/10 9:15 p.m.5 views

CVE-2024-27836

The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution...

7.8CVSS7.6AI score0.00383EPSS
Exploits0References7
NVD
NVD
added 2024/06/06 6:15 p.m.26 views

CVE-2024-36743

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...

7.5CVSS0.00417EPSS
Exploits0References1
CVE
CVE
added 2024/05/07 2:0 p.m.75 views

CVE-2024-4593

CVE-2024-4593 concerns DedeCMS 5.7, where the vulnerability lies in the file /src/dede/sys_multiserv.php. The issue is described as a cross‑site request forgery (CSRF) that can be triggered remotely, with the exploit publicly disclosed. Several connected sources consistently identify the affected...

5CVSS6.6AI score0.00428EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2024/03/08 2:15 a.m.25 views

Code injection

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Processing a file may lead to unexpected app termination or arbitrary code execution...

7.3AI score0.00386EPSS
Exploits0References6
Rows per page
Query Builder