Lucene search
K

374 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-15330

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9Affected Software1
CVE
CVE
added 4 days ago8 views

CVE-2026-15330

CVE-2026-15330 affects zhayujie CowAgent — Vision Tool, specifically the file vision.py, function _build_image_content/_download_to_data_url. The vulnerability arises from manipulating the input image argument, enabling remote SSRF via the Vision Tool component. Attacker could trigger remotely; e...

7.5CVSS6.6AI score0.00352EPSS
Exploits0References9
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-15330 zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function buildimagecontent/downloadtodataurl of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack c...

7.5CVSS0.00352EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-58380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscannergettoken function writes a null terminator one byte...

7.8CVSS6.2AI score0.00216EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/03 6:29 p.m.8 views

EUVD-2026-41560

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS6.7AI score0.00233EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-55577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow...

5.9CVSS6.1AI score0.00226EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in GIMP

GIMP PGM File Parsing: Uninitialized Memory Causes Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or...

8.8CVSS7.6AI score0.00972EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/15 2:6 a.m.12 views

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

7.8CVSS7.6AI score0.00755EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/11 11:14 a.m.7 views

SUSE CVE-2026-46692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in...

4.1CVSS5.4AI score0.00092EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 9:59 p.m.34 views

CVE-2026-49218 ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This issue has been patched...

7.5CVSS0.00346EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 9:30 p.m.10 views

EUVD-2026-36163

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...

5.3CVSS5.3AI score0.00441EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 9:30 p.m.33 views

CVE-2026-45664

CVE-2026-45664 affects ImageMagick. A missing check in the MNG coder could allow reading more images than the policy limit, causing excessive resource usage (potential DoS). The issue is fixed in patched releases: ImageMagick 6.9.13-47 and 7.1.2-22 . Vendors and advisories (e.g., SUSE, Red Hat, D...

7.5CVSS5.3AI score0.00441EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7134

A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an unknown function of the file /edithousepic.php. Such manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit is publicly available and might ...

5.8CVSS5.3AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.17 views

PT-2026-48562

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-24 Description ImageMagick is free and open-source software used for editing and manipulating digital images. A negative heap buffer over-write occurs when using an image with a mask and the Floyd-Steinberg...

7.8CVSS5.7AI score0.01849EPSS
Exploits4References88
Fedora
Fedora
added 2026/06/02 1:11 a.m.17 views

[SECURITY] Fedora 43 Update: libpng-1.6.58-1.fc43

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

5.1CVSS5.8AI score0.00195EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/26 8:52 a.m.18 views

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS7.4AI score0.00755EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: An Off-by-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicio...

7.8CVSS7.8AI score0.56404EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP. A integer overflow vulnerability exists in the GIMP “Despeckle” plug-in. The issue arises due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp. This can lead to insufficient memory allocation and subsequent...

7.8CVSS7.5AI score0.00419EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 8:37 p.m.12 views

Use After Free

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References2
Rows per page
Query Builder