493 matches found
Uncontrolled Recursion
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Uncontrolled Recursion
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the DrawPrimitive function in the draw.c file. An attacker can cause a stack overflow and application crash by providing MVG files containing circular references. Remediation A fix was pushed into the master...
EUVD-2025-203225
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
CVE-2025-14462
The CVE-2025-14462 issue affects the Lucky Draw Contests plugin for WordPress (versions
CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
WordPress Lucky Draw Contests plugin <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Lucky Draw Contests versions = 4.2...
PT-2025-51076
The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...
WordPress plugin Lucky Draw Contests 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
SUSE CVE-2025-65955
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick's Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls...
EUVD-2025-200466
ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family...
CVE-2025-65955 ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls...
Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199160
Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode npm...
MAL-2025-191045 Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191019 Malicious code in tcsp-draw-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3aab2e2be47f975ef5d6dcbb26dd22621b6043ca130bcd094aa6524696873a3 The package tcsp-draw-test was found to contain malicious code. Source: ghsa-malware a0c29ab38c3bc97e4948587b9e49496e015ba0ed1f2b292e49fad4a91b6380c2...
EUVD-2025-199024
Malicious code in tcsp-draw-test npm...
Malicious code in tcsp-draw-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3aab2e2be47f975ef5d6dcbb26dd22621b6043ca130bcd094aa6524696873a3 The package tcsp-draw-test was found to contain malicious code. Source: ghsa-malware a0c29ab38c3bc97e4948587b9e49496e015ba0ed1f2b292e49fad4a91b6380c2...