
681 matches found

Snyk
added 2026/01/20 12:52 a.m. | 1 view

Infinite loop

Overview: Magick.NET-Q16-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.8 | AI score 5.7 | EPSS 0.00025
Exploits: 1 | References: 2

Vulnrichment
added 2026/01/20 12:52 a.m. | 2 views

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in the MSL (Magick Scripting Language) command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVSS 5.5 | AI score 5.6 | EPSS 0.00025
Exploits: 1 | References: 1

Snyk
added 2026/01/20 12:52 a.m. | 2 views

Infinite loop

Overview: Magick.NET-Q8-x86 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.8 | AI score 5.7 | EPSS 0.00025
Exploits: 1 | References: 2

OSV
added 2026/01/20 12:52 a.m. | 4 views

CVE-2026-23874 ImageMagick's MSL: Stack overflow via infinite recursion in ProcessMSLScript

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite recursion in the MSL (Magick Scripting Language) command when writing to MSL format. Version 7.1.2-13 fixes the issue...

CVSS 5.5 | AI score 5.6 | EPSS 0.00025
Exploits: 1 | References: 3

Snyk
added 2026/01/20 12:52 a.m. | 1 view

Infinite loop

Overview: Affected versions of this package are vulnerable to Infinite loop in ProcessMSLScript. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted Magick Scripting Language (MSL) file that triggers infinite recursion, resulting in a stack overflow...

CVSS 6.8 | AI score 5.6 | EPSS 0.00025
Exploits: 1 | References: 2

Snyk
added 2026/01/20 12:52 a.m. | 1 view

Infinite loop

Overview: Magick.NET-Q16-HDRI-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVSS 6.8 | AI score 5.7 | EPSS 0.00025
Exploits: 1 | References: 2

Snyk
added 2026/01/20 12:52 a.m. | 1 view

Infinite loop

Overview: Magick.NET-Q16-AnyCPU is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.8 | AI score 5.7 | EPSS 0.00025
Exploits: 1 | References: 2

CVE
added 2026/01/20 12:52 a.m. | 15 views

CVE-2026-23874

CVE-2026-23874 affects ImageMagick. A stack overflow is triggered by an infinite recursion in the MSL (Magick Scripting Language) command when writing to MSL format. Affected versions are those prior to 7.1.2-13; the issue is fixed in 7.1.2-13. The vulnerability arises during MSL processing, pot...

CVSS 5.5 | AI score 5.6 | EPSS 0.00025
Exploits: 1 | References: 1 | Affected Software: 1

Snyk
added 2026/01/20 12:52 a.m. | 1 view

Infinite loop

Overview: Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

CVSS 6.8 | AI score 5.7 | EPSS 0.00025
Exploits: 1 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-13 have a stack overflow via infinite...

CVSS 5.5 | AI score 6.2 | EPSS 0.00025
Exploits: 1 | References: 2

Packet Storm News
added 2026/01/20 12:0 a.m. | 3 views

AttackMate: Realistic Emulation and Automation of Cyber Attack Scenarios across the Kill Chain

Adversary emulation tools facilitate scripting and automated execution of cyber attack chains, thereby reducing costs and manual expert effort required for security testing, cyber exercises, and intrusion detection research. However, due to the fact that existing tools typically rely on agents...

AI score 5.5
Exploits: 0

Positive Technologies
added 2026/01/16 12:0 a.m. | 5 views

PT-2026-3527

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-13. Description: ImageMagick is software used for editing and manipulating digital images. Versions before 7.1.2-13 are susceptible to a stack overflow due to infinite recursion within the MSL Magick Scripting...

CVSS 9.8 | AI score 5.3 | EPSS 0.00114
Exploits: 3 | References: 32

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : php-5.3.3-27.AXS4.1 (AXSA:2014-484:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-484:02 advisory. Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP al...

CVSS 7.5 | AI score 8 | EPSS 0.48662
Exploits: 7 | References: 12

OSV
added 2026/01/15 4:16 p.m. | 1 view

CVE-2021-47758

Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables...

CVSS 8.8 | AI score 6.4 | EPSS 0.00852
Exploits: 1 | References: 4

Tenable Nessus
added 2026/01/14 12:0 a.m. | 7 views

MiracleLinux 4 : php-5.3.3-3.AXS4.6 (AXSA:2012-101:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-101:02 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in...

CVSS 7.5 | AI score 8.5 | EPSS 0.25931
Exploits: 16 | References: 2

Tenable Nessus
added 2026/01/14 12:0 a.m. | 6 views

MiracleLinux 3 : php-5.1.6-39.0.1.AXS3 (AXSA:2012-687:05)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-687:05 advisory. PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing database-enabled...

CVSS 6.4 | AI score 8.2 | EPSS 0.47326
Exploits: 54 | References: 6

Vulnrichment
added 2026/01/13 10:52 p.m. | 2 views

CVE-2023-54335 eXtplorer <= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system...

CVSS 9.8 | AI score 7.5 | EPSS 0.00689
Exploits: 1 | References: 3

Positive Technologies
added 2026/01/13 12:0 a.m. | 4 views

PT-2026-2556

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2...

CVSS 6.9 | AI score 7.1 | EPSS 0.00023
Exploits: 0 | References: 4

CVE
added 2025/12/19 9:5 p.m. | 7 views

CVE-2023-53956

Flatnux 2021-03.25 is affected by an authenticated file upload vulnerability in the file manager that allows an admin with credentials to upload arbitrary PHP files to the web root, enabling remote code execution on the server. Public reference shows an exploit exists (exploits/51295). Root cause...

CVSS 8.8 | AI score 7.9 | EPSS 0.00166
Exploits: 0 | References: 3

NVD
added 2025/12/18 8:16 a.m. | 2 views

CVE-2025-58949

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion. This issue affects Spock: from n/a through = 1.17...

CVSS 8.1 | EPSS 0.0011
Exploits: 0 | References: 1