Lucene search
K

590849 matches found

RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.7 views

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.7 views

gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.6 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS8AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.7 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:5 a.m.10 views

Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/15 2:5 a.m.8 views

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

7.8CVSS5.9AI score0.00553EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/15 1:56 a.m.13 views

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.9 views

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS7.9AI score0.00755EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.8 views

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.8 views

gimp: GIMP: Remote Code Execution via malicious JP2 file parsing

A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...

7.8CVSS8AI score0.00744EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 1:49 a.m.8 views

gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49336

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A heap buffer overflow exists in the librfb RFB/VNC client component of GStreamer. The issue occurs because the rectangle bounds check validates the total area instead of individual...

8.8CVSS6.2AI score0.00489EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.27 views

CVE-2026-50873

An arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4 allows attackers to execute arbitrary code via uploading a crafted HTML or SVG file...

0.00441EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.28 views

CVE-2026-50872

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request...

0.0056EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49568

Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.15 Angular versions prior to 20.3.22 Angular versions prior to 19.2.23 Description An issue in the @angular/core package allows bypassing script-execution restrictions during...

5.3CVSS6AI score0.00238EPSS
Exploits0References6
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2026-36933

The CVE-2026-36933 issue affects Boyleep K11 y108 firmware v2.3.0.11291. A physically proximate attacker can execute arbitrary code via the factory test feature. The impact is described as high for confidentiality, integrity, and availability; the root cause is tied to the factory test feature, w...

6.8CVSS5.9AI score0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.32 views

CVE-2026-30120

CVE-2026-30120 concerns the Remotion project: remotion v4.0.409 has a reported remote code execution (RCE) vulnerability. The NVD/NVD-derived entries and ENISA/EUVD mirrors describe an exploit with a CVSS v3.1 base score of 9.8 (CRITICAL), attack vector NETWORK, no privileges required, no user in...

9.8CVSS6.2AI score0.0081EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49297

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

6.3AI score0.00627EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49203

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...

9.3CVSS5.4AI score0.00445EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49576

Name of the Vulnerable Software and Affected Versions Vitest affected versions not specified Description Browser Mode exposes a cdp API that forwards raw Chrome DevTools Protocol CDP methods over the browser WebSocket RPC. This API is not restricted by the browser.api.allowWrite,...

9.8CVSS6.1AI score0.00089EPSS
Exploits0References5
Rows per page
Query Builder