Lucene search
K

261 matches found

OSV
OSV
added 2026/04/13 9:16 p.m.4 views

DEBIAN-CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.2AI score0.00428EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/13 9:16 p.m.7 views

CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.7AI score0.00428EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/13 8:46 p.m.24 views

CVE-2026-33899 ImageMagick: Heap BufferOverflow write of single zero byte when parsing XML

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS0.00428EPSS
Exploits0References4
CVE
CVE
added 2026/04/13 8:46 p.m.46 views

CVE-2026-33899

Issue : CVE-2026-33899 affects ImageMagick (and related builds) where parsing an XML file could trigger a heap-out-of-bounds write of a single zero byte. Affected versions : ImageMagick below 7.1.2-189 and 6.9.13-44. Root cause : out-of-bounds write when parsing XML with Magick. Impact : potentia...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/13 8:46 p.m.4 views

CVE-2026-33899 ImageMagick: Heap BufferOverflow write of single zero byte when parsing XML

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.7AI score0.00428EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/13 8:46 p.m.7 views

CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/13 8:46 p.m.1 views

CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.7AI score0.00428EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/04/13 8:46 p.m.8 views

CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.2AI score0.00428EPSS
Exploits0
EUVD
EUVD
added 2026/04/13 7:33 p.m.4 views

EUVD-2026-22100

ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/13 7:33 p.m.11 views

ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml.

When Magick parses an XML file it is possible that a single zero byte is written out of the bounds...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References6Affected Software17
OSV
OSV
added 2026/04/13 7:33 p.m.4 views

GHSA-CR67-PVMX-2PP2 ImageMagick has a heap-Buffer-Overflow write of a single zero byte when parsing xml.

When Magick parses an XML file it is possible that a single zero byte is written out of the bounds...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

ImageMagick 数字错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-189 and 6.9.13-44 contained a numerical error vulnerability. This vulnerability stemmed from the...

5.3CVSS5.8AI score0.00428EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/03/30 11:27 p.m.4 views

SUSE CVE-2026-33871

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of...

5.9CVSS5.9AI score0.01125EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/30 4:43 p.m.4 views

CVE-2026-33871

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

8.7CVSS5.9AI score0.01125EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/28 12:26 a.m.5 views

SUSE CVE-2026-32953

Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI-and thus the same key...

4.7CVSS5.9AI score0.00246EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/28 12:25 a.m.15 views

SUSE CVE-2026-33535

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the issue...

4CVSS5.9AI score0.00141EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/03/27 8:16 p.m.4 views

CVE-2026-33871

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of...

8.7CVSS5.9AI score0.01125EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 7:55 p.m.3 views

CVE-2026-33871 Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of...

8.7CVSS5.9AI score0.01125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:55 p.m.7 views

CVE-2026-33871

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of...

8.7CVSS5.9AI score0.01125EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/27 7:55 p.m.28 views

CVE-2026-33871 Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of...

8.7CVSS0.01125EPSS
Exploits0References1
Rows per page
Query Builder