Lucene search
K

9770 matches found

SUSE CVE
SUSE CVE
added 2 days ago3 views

SUSE CVE-2026-46522

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...

7.5CVSS5.2AI score0.01061EPSS
Exploits2References3
Snyk
Snyk
added 4 days ago3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the MVG decoder when processing a crafted file due to a missing depth or visited-set check. An attacker can cause a denial of service by supplying a specially crafted MVG file that triggers a stack overflow...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Uncontrolled Recursion

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS5.3AI score0.00013EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-48502

draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. The vulnerability is not in the label sanitizer which works correctly on the rendering path but in...

6.1CVSS5.9AI score0.00036EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 5 days ago4 views

CVE-2026-34657 CAI Content Credentials | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to...

5.5CVSS5.6AI score0.00024EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

5.4CVSS0.00034EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2025-52292

A stack buffer overflow in the fileinprocess function infile.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

7.5CVSS0.0004EPSS
Exploits1References2
NVD
NVD
added 5 days ago5 views

CVE-2025-55658

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the gfopusparsepacketheader function mediatools/avparsers.c. bThis vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS0.00034EPSS
Exploits1References1
NVD
NVD
added 5 days ago5 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS0.00032EPSS
Exploits1References2
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2025-52292

A stack buffer overflow in the fileinprocess function infile.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

7.5CVSS5.6AI score0.0004EPSS
Exploits1References3
Cvelist
Cvelist
added 5 days ago24 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

0.00034EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2025-55651

A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00023EPSS
Exploits1References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2025-55657

A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

0.00038EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-48168

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

6AI score0.00034EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 5 days ago4 views

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system...

7.8CVSS6.2AI score0.00356EPSS
In wildExploits2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.6 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5CVSS5.5AI score0.00012EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.5 views

CVE-2026-32860

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVLIB file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

8.5CVSS7.6AI score0.00022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.6 views

CVE-2026-32861

There is a memory corruption vulnerability due to an out-of-bounds write when loading a corrupted LVCLASS file in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

8.5CVSS7.6AI score0.00022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.4 views

CVE-2026-32863

There is a memory corruption vulnerability due to an out-of-bounds read in sentrytransactioncontextsetoperation in NI LabVIEW. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafte...

8.5CVSS5.8AI score0.00018EPSS
Exploits0References1
Rows per page
Query Builder