13 matches found
CVE-2026-54263
Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting XSS vulnerability exists on the dynamic image URL generator view within the Wagtail admin interface. A user with a limited-permission editor account for...
CVE-2026-54259
Wagtail (Django-based CMS) has a vulnerability in older branches where the Documents and Images chooser endpoint could show items to users who lack choose permission. Affected versions: < 7.0.8, < 7.3.3, and
CVE-2026-54260
CVE-2026-54260 affects Wagtail (Django-based CMS). In versions prior to 7.0.8, 7.3.3, and 7.4.2, an authenticated admin user can trigger expensive rendition processing via crafted filter specs in the image preview, leading to potential service degradation. This is not exploitable by anonymous vis...
PT-2026-54839
Name of the Vulnerable Software and Affected Versions Wagtail versions prior to 7.0.8 Wagtail versions prior to 7.3.3 Wagtail versions prior to 7.4.2 Description A low-level user granted the "Can submit translation" permission can create translations for any page, regardless of whether they have...
Astra Linux – Vulnerability in imagemagick
In GammaImage of /MagickCore/enhance.c, depending on the gamma value, it is possible for a divide-by-zero condition to occur when a specially crafted input file is processed by ImageMagick. This could affect the availability of the application. The patch uses PerceptibleReciprocal to prevent such...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017557)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017557 advisory. A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in t...
Linux Distros Unpatched Vulnerability : CVE-2023-21987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior t...
CloudLinux CageFS Security Vulnerability
CloudLinux CageFS is a virtualized file system and set of tools from CloudLinux. A security vulnerability exists in CloudLinux CageFS version 7.0.8-2 and prior versions. An attacker could exploit the vulnerability to read and write arbitrary files outside of the CageFS environment in a limited wa...
CVE-2023-21998
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
CVE-2023-21990
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
UBUNTU-CVE-2023-22002
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a suite of virtualization solutions from Oracle. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center. A security vulnerability exists in the Cor...
UBUNTU-CVE-2020-27762
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could...