Lucene search
K

493 matches found

Snyk
Snyk
added 2025/12/30 11:8 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.2CVSS6.8AI score0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/30 11:8 p.m.5 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.2CVSS6.8AI score0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/30 11:8 p.m.2 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the DrawPrimitive function in the draw.c file. An attacker can cause a stack overflow and application crash by providing MVG files containing circular references. Remediation A fix was pushed into the master...

6.2CVSS7AI score0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/13 6:30 p.m.5 views

EUVD-2025-203225

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS4.9AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2025/12/13 4:16 p.m.5 views

CVE-2025-14462

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/13 4:31 a.m.25 views

CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS0.00112EPSS
Exploits0References2
CVE
CVE
added 2025/12/13 4:31 a.m.9 views

CVE-2025-14462

The CVE-2025-14462 issue affects the Lucky Draw Contests plugin for WordPress (versions

4.3CVSS5AI score0.00112EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/13 4:31 a.m.4 views

CVE-2025-14462 Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS5AI score0.00112EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/13 1:23 a.m.9 views

WordPress Lucky Draw Contests plugin <= 4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Lucky Draw Contests versions = 4.2...

4.3CVSS6.8AI score0.00112EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/13 12:0 a.m.6 views

PT-2025-51076

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2. This is due to missing or incorrect nonce validation in misc-settings.php. This makes it possible for unauthenticated attackers to update plugin settings via a forge...

4.3CVSS5.3AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/13 12:0 a.m.4 views

WordPress plugin Lucky Draw Contests 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.3AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/05 12:24 a.m.3 views

SUSE CVE-2025-65955

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick's Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls...

4.9CVSS6.4AI score0.00142EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/03 4:25 p.m.4 views

EUVD-2025-200466

ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family...

4.9CVSS6AI score0.00142EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/02 11:2 p.m.15 views

CVE-2025-65955 ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls...

4.9CVSS0.00142EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:54 p.m.7 views

Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 10:54 p.m.3 views

EUVD-2025-199160

Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode npm...

6.6AI score
Exploits0References1
OSV
OSV
added 2025/11/24 10:54 p.m.5 views

MAL-2025-191045 Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 9:28 p.m.2 views

MAL-2025-191019 Malicious code in tcsp-draw-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3aab2e2be47f975ef5d6dcbb26dd22621b6043ca130bcd094aa6524696873a3 The package tcsp-draw-test was found to contain malicious code. Source: ghsa-malware a0c29ab38c3bc97e4948587b9e49496e015ba0ed1f2b292e49fad4a91b6380c2...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 9:28 p.m.2 views

EUVD-2025-199024

Malicious code in tcsp-draw-test npm...

6.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 9:28 p.m.6 views

Malicious code in tcsp-draw-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3aab2e2be47f975ef5d6dcbb26dd22621b6043ca130bcd094aa6524696873a3 The package tcsp-draw-test was found to contain malicious code. Source: ghsa-malware a0c29ab38c3bc97e4948587b9e49496e015ba0ed1f2b292e49fad4a91b6380c2...

6.9AI score
Exploits0References4
Rows per page
Query Builder