Lucene search
+L

59 matches found

vulnrichment
vulnrichment
added 2026/06/10 9:40 p.m.8 views

CVE-2026-46521 ImageMagick: Heap Buffer Over-Write in MIFF encoder when using LZMA compression

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References1
osv
osv
added 2026/05/22 1:10 p.m.11 views

GHSA-P93H-F2JC-477J ImageMagick: Heap Buffer Over-Write in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process...

4.1CVSS5.9AI score0.00092EPSS
Exploits0References2
nessus
nessus
added 2026/05/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple...

7.5CVSS7AI score0.00441EPSS
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.15 views

Off-by-one Error

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.17 views

Off-by-one Error

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.11 views

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.12 views

Off-by-one Error

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.16 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.11 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
snyk
snyk
added 2026/05/21 9:42 p.m.14 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the json and yaml encoder process. An attacker can cause a heap buffer overwrite by providing specially crafted input data. Remediation A fix was pushed into the master branch but not yet published. References - GitH...

6.9CVSS5.9AI score
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.17 views

PT-2026-42811

Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description An attacker capable of connecting to a magick -distribute-cache service can trigger a heap buffer over-write within the server process. A heap buffer over-write occurs when a program writ...

7.8CVSS6.3AI score0.00441EPSS
Exploits0References159
snyk
snyk
added 2026/05/18 8:37 p.m.14 views

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
nessus
nessus
added 2026/03/22 12:0 a.m.14 views

SUSE SLES15: GraphicsMagick / GraphicsMagick-devel / libGraphicsMagick++-Q16-12 / etc (SUSE-SU-2026:0938-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0938-1 advisory. - CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference bsc1259455. - CVE-2026-30883...

7.8CVSS7.4AI score0.00353EPSS
Exploits0References7
osv
osv
added 2026/03/10 9:5 p.m.5 views

GHSA-56JP-JFQG-F8F4 ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder

An overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References4
github
github
added 2026/03/10 9:5 p.m.5 views

ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder

An overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References4Affected Software19
redhatcve
redhatcve
added 2025/05/08 5:6 p.m.14 views

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS7AI score0.00123EPSS
Exploits0References1
nvd
nvd
added 2025/05/06 5:16 p.m.15 views

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS0.00123EPSS
Exploits0References2
debiancve
debiancve
added 2025/05/06 4:57 p.m.7 views

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS5.7AI score0.00123EPSS
Exploits0
Rows per page
Query Builder