Lucene search
K

21531 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-14683

A flaw was found in HdrHistogram. A local attacker can exploit a vulnerability in the decodeFromCompressedByteBuffer function by manipulating the lengthOfCompressedContents argument. This manipulation leads to uncontrolled memory allocation, which can result in a Denial of Service DoS condition,...

4.8CVSS5.8AI score0.00118EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-61465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can...

6.5CVSS6.2AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-61861

A flaw was found in ImageMagick. This use-after-free vulnerability exists in the FormatMagickCaption method. When memory allocation fails, an attacker can trigger a dangling pointer to reference freed memory. This could potentially lead to a denial of service or arbitrary code execution...

7.5CVSS6.2AI score0.00277EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-61465

A flaw was found in ImageMagick. This vulnerability occurs because ImageMagick is missing a check for the allowed memory allocation limit during certain image processing operations, such as when using the -canny function. A remote attacker could provide a specially crafted image, causing the...

6.5CVSS6.1AI score0.00105EPSS
Exploits0References5
NVD
NVD
added 3 days ago8 views

CVE-2026-61870

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

7.5CVSS0.00104EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-61861

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

7.5CVSS0.00277EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-61465

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...

6.5CVSS0.00105EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago10 views

EUVD-2026-43189

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

2.9CVSS6.1AI score0.00104EPSS
Exploits0References2
CVE
CVE
added 3 days ago13 views

CVE-2026-61861

CVE-2026-61861 affects ImageMagick prior to 7.1.2-26. A use-after-free in the FormatMagickCaption path occurs when memory allocation fails, allowing a dangling pointer to reference freed memory. This can lead to denial of service or potentially arbitrary code execution. Multiple sources (NVD, Deb...

7.5CVSS6.2AI score0.00277EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-43188

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 3 days ago13 views

CVE-2026-61870

ImageMagick before 7.1.2-26 contains a memory leak in the VIFF encoder when memory allocation fails. An attacker can trigger allocation failures by processing specially crafted VIFF images to exhaust memory and cause a DoS. Remediation: upgrade to ImageMagick 7.1.2-26 or later; apply vendor patch...

7.5CVSS6.1AI score0.00104EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago37 views

CVE-2026-61861 ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS0.00277EPSS
Exploits0References2
OSV
OSV
added 3 days ago2 views

CVE-2026-61870 ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

2.1CVSS6.1AI score0.00104EPSS
Exploits0References4
OSV
OSV
added 3 days ago3 views

CVE-2026-61861 ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00277EPSS
Exploits0References4
CVE
CVE
added 3 days ago13 views

CVE-2026-61465

ImageMagick before 7.1.2-26 and 6.9.13-51 lacks a check for the allowed memory allocation limit in matrix-backed operations (e.g., -canny). A crafted image can cause ImageMagick to allocate more memory than policy permits, resulting in a denial of service. Affected components: ImageMagick's memor...

6.5CVSS6.1AI score0.00105EPSS
Exploits0References2Affected Software1
NVD
NVD
added 4 days ago9 views

CVE-2026-55213

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS0.00343EPSS
Exploits0References2
Debian CVE
Debian CVE
added 4 days ago4 views

CVE-2026-55213

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS6.2AI score0.00343EPSS
Exploits0
CVE
CVE
added 4 days ago7 views

CVE-2026-55213

CVE-2026-55213 (h2o HTTP server) – Affected component: lib/http3/qpack.c, invoked while processing a QPACK instruction over HTTP/3. Root cause: on-stack allocation of a large buffer (up to ~800 KB) via alloca, exceeding default musl libc pthread stack size, leading to a segmentation fault when to...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42960

adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloccentralHeader.size allocates memory based on the declared uncompressed size from the ZIP central directory header without...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References4
NVD
NVD
added 4 days ago5 views

CVE-2026-55780

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's .NET single-file bundle handler in NanaZip.Codecs.Archive.DotNetSingleFile.cpp sizes its extraction buffer from the bundle entry Size field, which is only checked for sign and is not validat...

2.4CVSS0.00112EPSS
Exploits0References3
Rows per page
Query Builder