1031 matches found
Themes Coder Ecommerce <= 1.3.4 - SQL Injection
The Themes Coder Ecommerce WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2024-13726 info: name: Themes Coder Ecommerce = 1.3.4 - SQL...
CVE-2026-56376
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...
CVE-2026-56376 ImageMagick - Heap Use-After-Free in Meta Coder
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...
EUVD-2026-38440
ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service...
CVE-2026-56376
Affected software: ImageMagick prior to 7.1.2-15 and 6.9.13-40. Vulnerability: heap use-after-free in the meta coder where, on memory allocation failure, a single byte is written to a stale pointer. Impact: remote attackers can trigger via specially crafted image files, causing a denial of servic...
CVE-2026-56378
ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte...
CVE-2026-56378
ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte...
Linux Distros Unpatched Vulnerability : CVE-2026-56378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40 contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free software available as a ready-to-run binary distribution or as source code that you can use, copy, modify, and distribute in both open and proprietary applications. In affected versions, Postscript files may be read and written when specifically excluded by a module policy in...
Astra Linux – Vulnerability in imagemagick
There are several memory leaks in the MIFF coder located at /coders/miff.c, due to improper image depth values. These leaks can be triggered by a specially crafted input file. These issues could potentially affect the availability of the application or cause a denial of service. It was initially...
SUSE CVE-2026-45664
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
CVE-2026-45664
A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS. Mitigation Mitigation for this iss...
CVE-2026-45664
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
CVE-2026-45664 ImageMagick: Policy Bypass in MNG coder could
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
EUVD-2026-36163
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
CVE-2026-45664
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
CVE-2026-45664
ImageMagick (MNG coder) contains a vulnerability (CVE-2026-45664) that could allow reading more images than the list-limit policy, leading to excessive resource usage. The issue, caused by a missing check in the MNG coder, has been patched in ImageMagick versions 6.9.13-47 and 7.1.2-22. Affected ...
CVE-2026-45664 ImageMagick: Policy Bypass in MNG coder could
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
CVE-2026-45664
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...
Embedded Malicious Code
Overview @evolvconsulting/evolv-coder-lite is a light-weight meta-prompting, context engineering, and spec-driven development system for Claude Code, OpenCode, Gemini CLI, Kilo, Codex, Copilot, Cursor, Windsurf, and more. Affected versions of this package are vulnerable to Embedded Malicious Code...