Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, using the magick stream command in ImageMagick, specifying multiple consecutive %d format specifiers in a filename template caused a memory leak. Versions...

7.5CVSS5.5AI score0.00466EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 11:56 a.m.7 views

CLSA-2026-1776167812 ImageMagick: Fix of 5 CVEs

CVE-2025-53019: fix memory leak in StreamImage with multiple %d in filename template - CVE-2025-55212: fix division-by-zero in ThumbnailImage via zero-dimension geometry - CVE-2026-25795: fix NULL dereference in ReadSFWImage on temp file failure - CVE-2026-25799: fix division-by-zero in YUV...

7.5CVSS6.7AI score0.00851EPSS
Exploits1References1
OSV
OSV
added 2025/09/29 11:38 a.m.7 views

CLSA-2025-1759145882 Fix CVE(s): CVE-2025-53019

SECURITY UPDATE: memory leak via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2025/09/29 11:34 a.m.5 views

CLSA-2025-1759145639 Fix CVE(s): CVE-2025-53019

SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2025/09/19 1:50 p.m.7 views

CLSA-2025-1758289815 Fix CVE(s): CVE-2025-53101

SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix InterpretImageFilename function by adjusting the offset to prevent potential buffer overflow - CVE-2025-53101...

9.8CVSS6AI score0.00792EPSS
Exploits1References1
OSV
OSV
added 2025/09/19 1:50 p.m.8 views

CLSA-2025-1758289801 Fix CVE(s): CVE-2025-53101

SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix image filename interpretation issue by adjusting the offset value - CVE-2025-53101...

9.8CVSS5.8AI score0.00792EPSS
Exploits1References1
Veracode
Veracode
added 2025/09/18 5:50 p.m.7 views

Memory Leakage

ImageMagick is vulnerable to Memory Leakage. The vulnerability is due to improper handling of format specifiers because multiple consecutive %d in a filename template within the magick stream command trigger memory leakage...

7.5CVSS7.1AI score0.00466EPSS
Exploits0References7Affected Software18
Github Security Blog
Github Security Blog
added 2025/08/25 3:53 p.m.4 views

ImageMagick has a Memory Leak in magick stream

Summary In ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Details - Vulnerability Type: Memory leak - Affected Version: ImageMagick 7.1.1-47 as of commit 82572afc, June 2025 Reproduction Tested Environment -...

7.5CVSS7AI score0.00466EPSS
Exploits0References7Affected Software18
Amazon
Amazon
added 2025/08/04 12:0 a.m.4 views

Medium: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue stems from an off-by-one error that causes out-of-bounds memory acce...

9.8CVSS7.4AI score0.00792EPSS
Exploits2
OSV
OSV
added 2025/07/25 1:17 p.m.4 views

OESA-2025-1908 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS6.8AI score0.00792EPSS
Exploits3References5
OSV
OSV
added 2025/07/25 1:17 p.m.5 views

OESA-2025-1906 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

9.8CVSS6.8AI score0.00792EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2025/07/18 12:0 a.m.19 views

ImageMagick < 6.9.13-26 / 7.1.0 < 7.1.2 Multiple Vulnerabilities

The remote Windows host has a version of ImageMagick installed that prior to 6.9.13-26 or 7.1 prior to 7.1.2. It is, therefore, affected by multiple vulnerabilites: - filename template issues can cause a stack overflow through vsnprintf CVE-2025-53101 - heap buffer overflow in the...

9.8CVSS6.2AI score0.00792EPSS
Exploits2References6
SUSE CVE
SUSE CVE
added 2025/07/15 11:22 p.m.3 views

SUSE CVE-2025-53019

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and...

3.7CVSS6.8AI score0.00466EPSS
Exploits0References7
OSV
OSV
added 2025/07/14 8:15 p.m.3 views

DEBIAN-CVE-2025-53019

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and...

7.5CVSS4.9AI score0.00466EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.5 views

SUSE CVE-2009-1150

Multiple cross-site scripting XSS vulnerabilities in the export page displayexport.lib.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pmadbfilenametemplate cookie...

4.3CVSS6AI score0.01604EPSS
Exploits0References4
CNVD
CNVD
added 2020/12/24 12:0 a.m.2 views

Dolibarr Remote Code Execution Vulnerability (CNVD-2020-73750)

Dolibarr ERP/CRM is an open source software/freeware for small and medium-sized businesses, organizations or freelancers. It includes different features such as Enterprise Resource Planning ERP and Customer Relationship Management CRM, as well as applications for other different activities. A...

9CVSS8.5AI score0.06361EPSS
Exploits1References1
n0where
n0where
added 2017/03/03 6:14 a.m.18 views

Open Source SIP Sniffer: pcapsipdump

Open Source SIP Sniffer pcapsipdump is libpcap-based SIP sniffer with per-call sorting capabilities. It writes SIP/RTP sessions to disk in a same format, as “tcpdump -w”, but one file per SIP session even if there is thousands of concurrent SIP sessions. Each session goes in a separate, fancy-nam...

0.1AI score
Exploits0
Rows per page
Query Builder