Lucene search
K

57 matches found

Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-14454 Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

0.00394EPSS
Exploits0References2
OSV
OSV
added 2026/05/26 7:31 p.m.18 views

JLSEC-2026-545

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

5.5CVSS7AI score0.0156EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.13 views

PT-2026-47109

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

5.6AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/22 10:18 a.m.18 views

CVE-2026-5755

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/14 10:42 p.m.14 views

CVE-2026-33414

Summary: CVE-2026-33414 affects Podman

8.8CVSS6.1AI score0.00607EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/02/03 10:16 p.m.5 views

CVE-2020-37073

Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the userimage parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file wi...

8.8CVSS6AI score0.00471EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/03 10:1 p.m.3 views

CVE-2020-37073 Victor CMS 1.0 - Authenticated Arbitrary File Upload

Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the userimage parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file wi...

8.8CVSS5.8AI score0.00471EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 10:1 p.m.4 views

CVE-2020-37073

Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the userimage parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file wi...

8.8CVSS5.8AI score0.00471EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.9 views

PT-2026-5824

Victor CMS 1.0 contains an authenticated file upload vulnerability that allows administrators to upload PHP files with arbitrary content through the user image parameter. Attackers can upload a malicious PHP shell to the /img/ directory and execute system commands by accessing the uploaded file...

8.8CVSS5.9AI score0.00471EPSS
Exploits1References4
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

CVE-2020-36942

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

8.8CVSS5.9AI score
Exploits0References3
EUVD
EUVD
added 2026/01/27 3:23 p.m.7 views

EUVD-2020-30860

Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...

8.8CVSS6AI score0.00611EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-0515

Malware in sbrugna...

5CVSS6.4AI score0.01392EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2018-13189

Malware in sbrugna...

6.5CVSS6.6AI score0.01425EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-13198

Malware in sbrugna...

6.5CVSS6.6AI score0.01855EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13194

Malware in sbrugna...

6.5CVSS6.6AI score0.01637EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-7777

Malicious code in bioql PyPI...

6.1CVSS5.6AI score0.00502EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/25 12:0 a.m.8 views

PT-2025-1976 · WordPress · Connections Business Directory

Name of the Vulnerable Software and Affected Versions: Connections Business Directory plugin for WordPress versions up to, and including, 10.4.66 Description: The issue is related to insufficient file path validation when deleting a connections image directory, allowing authenticated attackers wi...

6.5CVSS7.1AI score0.0055EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.2 views

SUSE CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...

5CVSS6.9AI score0.01927EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.4 views

SUSE CVE-2011-0708

exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service application crash via an image with a crafted Image File Directory IFD that triggers a buffer over-read...

4.3CVSS7AI score0.09826EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29338

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

3.3CVSS9.4AI score0.0156EPSS
Exploits1References6
Rows per page
Query Builder