Lucene search
+L

170 matches found

almalinux
almalinux
added 2026/06/29 12:0 a.m.5 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: atm: fix crash due to unvalidated vcc pointer in sigdsend CVE-2026-31411 kernel: tcp: fix potential race in tcpv6synrecvsock CVE-2026-43198 Bug Fixes and Enhancements: AlmaLinux 9.8...

9.8CVSS6AI score0.00298EPSS
Exploits0References6
nvd
nvd
added 2026/06/09 9:17 p.m.17 views

CVE-2025-71319

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0064EPSS
Exploits1References8
euvd
euvd
added 2026/06/09 7:57 p.m.11 views

EUVD-2025-210087

image-size 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2 contain a denial of service vulnerability in the findBox function when processing specially crafted images with zero-sized boxes. Remote attackers can cause application hang by supplying malicious JXL, HEIF, or JP2 image files with box size zer...

8.7CVSS5.5AI score0.0064EPSS
Exploits1References2
euvd
euvd
added 2026/06/09 7:34 a.m.11 views

EUVD-2026-35370

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, allowing arbitrary external content to be embedded as profile images, which could expose users to...

6.5CVSS5.5AI score0.00403EPSS
Exploits0References1
github
github
added 2026/05/15 9:31 p.m.24 views

Mattermost doesn't validate the response body of proxied images

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header e.g. image/png...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/04/21 2:32 p.m.4 views

GHSA-FG79-CR9C-7369 OpenMage LTS: Phar Deserialization leads to Remote Code Execution

PHP functions such as getimagesize, fileexists, and isreadable can trigger deserialization when processing phar:// stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and media handling. An attacker who can upload a malicious ph...

8.1CVSS6.4AI score0.00539EPSS
Exploits1References4
euvd
euvd
added 2026/04/21 2:32 p.m.5 views

EUVD-2026-23889

OpenMage LTS: Phar Deserialization leads to Remote Code Execution...

8.1CVSS5.8AI score0.00539EPSS
Exploits1References3
github
github
added 2026/04/21 2:32 p.m.11 views

OpenMage LTS: Phar Deserialization leads to Remote Code Execution

PHP functions such as getimagesize, fileexists, and isreadable can trigger deserialization when processing phar:// stream wrapper paths. OpenMage LTS uses these functions with potentially controllable file paths during image validation and media handling. An attacker who can upload a malicious ph...

8.1CVSS6.4AI score0.00539EPSS
Exploits1References4Affected Software1
snyk
snyk
added 2026/04/20 7:31 p.m.3 views

Deserialization of Untrusted Data

Overview openmage/magento-lts is a This repository is the home of an unofficial community-driven project. Affected versions of this package are vulnerable to Deserialization of Untrusted Data the VarienImage file handling path and related image validation code in VarienImage,...

9.2CVSS6.8AI score0.00539EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/04/20 4:11 p.m.3 views

CVE-2026-25524

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as getimagesize, fileexists, and isreadable can trigger...

8.1CVSS6.1AI score0.00539EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2026/04/20 4:11 p.m.2 views

CVE-2026-25524 OpenMage LTS's Phar Deserialization leads to Remote Code Execution

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as getimagesize, fileexists, and isreadable can trigger...

8.1CVSS6.1AI score0.00539EPSS
Exploits1References2
cvelist
cvelist
added 2026/04/20 4:11 p.m.33 views

CVE-2026-25524 OpenMage LTS's Phar Deserialization leads to Remote Code Execution

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, PHP functions such as getimagesize, fileexists, and isreadable can trigger...

8.1CVSS0.00539EPSS
Exploits1References2
cve
cve
added 2026/04/20 4:11 p.m.14 views

CVE-2026-25524

OpenMage LTS (Magento LTS unofficial fork) before v20.17.0 is affected by a Phar deserialization flaw. PHP functions getimagesize(), file_exists(), and is_readable() can deserialize when given phar:// stream wrapper paths, used during image validation/media handling with controllable file paths. ...

8.1CVSS6.1AI score0.00539EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/03/26 12:0 a.m.7 views

CVE-2026-29905

Kirby CMS through 5.1.4 allows an authenticated user with 'Editor' permissions to cause a persistent Denial of Service DoS via a malformed image upload. The application fails to properly validate the return value of the PHP getimagesize function. When the system attempts to process this file for...

6.5CVSS5.9AI score0.00445EPSS
Exploits1References5
cvelist
cvelist
added 2026/03/19 1:53 p.m.78 views

CVE-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS0.00305EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/03/11 9:45 p.m.2 views

CVE-2026-32133

2FAuth is a web app to manage Two-Factor Authentication 2FA accounts and generate their security codes. Prior to 6.1.0, a blind SSRF vulnerability exists in 2FAuth that allows authenticated users to make arbitrary HTTP requests from the server to internal networks and cloud metadata endpoints. Th...

7.8CVSS5.9AI score0.00505EPSS
Exploits1References2Affected Software1
nvd
nvd
added 2026/02/09 8:15 p.m.10 views

CVE-2026-25492

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

6.5CVSS0.00419EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/02/09 7:33 p.m.7 views

CVE-2026-25492

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

5.3CVSS5.5AI score0.00419EPSS
Exploits1References4Affected Software1
redhatcve
redhatcve
added 2026/01/07 9:16 a.m.10 views

CVE-2025-1558

Mattermost Mobile Apps versions =2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF...

6.5CVSS7AI score0.00346EPSS
Exploits0References1
cnvd
cnvd
added 2025/10/13 12:0 a.m.2 views

Online Hotel Reservation System addgalleryexec.php file arbitrary file upload vulnerability

Online Hotel Reservation System is an online hotel reservation system. Online Hotel Reservation System suffers from an arbitrary file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /admin/addgalleryexec.php. No details of the...

8.8CVSS7.2AI score0.00299EPSS
Exploits1References1
Rows per page
Query Builder