6104 matches found
Expired Pointer Dereference
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Expired Pointer Dereference
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Affected versions of this package are vulnerable to Expired Pointer Dereference in the MSL interpreter. An attacker can cause the application to crash by submitting an image file containing a malicious MSL element. Remediation A fix was pushed into the master branch but not yet published...
CVE-2026-26983
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...
CVE-2026-26983 ImageMagick: Invalid MSL <map> can result in a use after free
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...
CVE-2026-26983
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...
CVE-2026-26983
CVE-2026-26983 affects ImageMagick. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing an invalid element, leading to a use-after-free condition. The vulnerability can impact image processing workflows that rely on MSL, with a patch available in the affected re...
CVE-2026-26983
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...
CVE-2026-25983 ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it,...
CVE-2026-25983 ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it,...
CVE-2026-25983
CVE-2026-25983 affects ImageMagick. A crafted MSL script can trigger a heap-use-after-free by the operation element handler freeing the image while parsing, leading to memory corruption during ReadBlobString. Affected versions are 7.1.2-15 and 6.9.13-40; a patch is included in those versions. Oth...
PT-2026-21651
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 ImageMagick versions prior to 6.9.13-40 Description ImageMagick is software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crash can occur in the MSL...
ImageMagick 代码问题漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained code vulnerabilities. These vulnerabilities stemmed from the MSL...
CVE-2026-26983
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...
CVE-2026-21420
Dell Repository Manager (DRM) v3.4.7 and earlier is affected by an Uncontrolled Search Path Element, enabling a local, low-privilege attacker to potentially execute arbitrary code and escalate privileges. Root cause is improper handling of search paths in DRM prior to 3.4.8. Impact includes high ...
TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
...
CVE-2026-27122
svelte performance oriented web framework. Prior to 5.51.5, when using in server-side rendering, the provided tag name is not validated or sanitized before being emitted into the HTML output. If the tag string contains unexpected characters, it can result in HTML injection in the SSR output...
CVE-2026-27119
svelte performance oriented web framework. From 5.39.3, element does not properly escape its content, potentially allowing HTML injection in the SSR output. Client-side rendering is not affected. This vulnerability is fixed in 5.51.5...