Lucene search
K

113 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.29 views

Amazon Linux AMI : php70-pecl-imagick (ALAS-2023-1813)

The version of php70-pecl-imagick installed on the remote host is prior to 3.4.4-1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1813 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c...

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.37 views

Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)

The version of php55-pecl-imagick installed on the remote host is prior to 3.4.4-2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1812 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.31 views

Amazon Linux AMI : php71-pecl-imagick (ALAS-2023-1814)

The version of php71-pecl-imagick installed on the remote host is prior to 3.4.4-2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1814 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c...

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.25 views

Amazon Linux AMI : php72-pecl-imagick (ALAS-2023-1815)

The version of php72-pecl-imagick installed on the remote host is prior to 3.4.4-2.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1815 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.29 views

Amazon Linux AMI : php56-pecl-imagick (ALAS-2023-1811)

The version of php56-pecl-imagick installed on the remote host is prior to 3.4.4-2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1811 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.34 views

Amazon Linux AMI : php54-pecl-imagick (ALAS-2023-1810)

The version of php54-pecl-imagick installed on the remote host is prior to 3.4.4-2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1810 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....

9.8CVSS7.7AI score0.05916EPSS
Exploits52References148
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-11037

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...

9.8CVSS7.3AI score0.01972EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/14 12:0 a.m.6 views

PT-2023-36335 · Unknown · Phpmyadmin

Name of the Vulnerable Software and Affected Versions: phpMyAdmin affected versions not specified Description: The issue concerns a security fix for an XSS vulnerability in the drag-and-drop upload functionality. Additional bugfixes include resolving errors when configuring 2FA without XMLWriter ...

6.4AI score
Exploits0References4
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.13 views

Ubuntu: Security Advisory (USN-4586-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.01972EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2021-0156)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.6AI score0.01228EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.6 views

Mageia: Security Advisory (MGASA-2021-0013)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
OpenVAS
OpenVAS
added 2021/12/05 12:0 a.m.17 views

Fedora: Security Advisory for php-pecl-imagick (FEDORA-2021-b58af96f33)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.0071EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/11/14 12:0 a.m.8 views

Fedora: Security Advisory for php-pecl-imagick (FEDORA-2021-df1fa3d3e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Hacker One
Hacker One
added 2021/07/14 1:21 p.m.101 views

Nextcloud: HEIC image preview can be used to invoke Imagick

The HEIC image preview provider calls into Imagick at https://github.com/nextcloud/server/blob/5d097ddb4b99673f57b8c085dedd93880ee2539d/lib/private/Preview/HEIC.phpL98-L109. This is bad as Imagick processes all kind of image types. One can use this for example to exfiltrate arbitrary files by...

10CVSS0.9AI score0.02604EPSS
Exploits0
OSV
OSV
added 2020/10/20 1:16 p.m.2 views

USN-4586-1 php-imagick vulnerability

It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service...

9.8CVSS6.7AI score0.01972EPSS
Exploits0References2
Veracode
Veracode
added 2020/10/12 12:7 a.m.21 views

Arbitrary Code Execution

php-imagick is vulnerable to arbitrary code execution. Lack of boundary checks when writing to an array of values in ImagickKernel::fromMatrix can potentially lead to out of bounds write to memory if the function is called with the data controlled by untrusted party...

9.8CVSS5.1AI score0.01972EPSS
Exploits0References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/04/06 12:0 a.m.8 views

The vulnerability of the ImagickKernel::fromMatrix() function in the php-imagick extension for PHP allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the ImagickKernel::fromMatrix function in the php-imagick extension for PHP is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability may allow a remote attacker to cause a service failure or execute arbitrary code...

10CVSS7.4AI score0.01972EPSS
Exploits0References10Affected Software4
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.41 views

GLSA-202003-38 : PECL Imagick: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-202003-38 PECL Imagick: Arbitrary code execution An out-of-bounds write vulnerability was discovered in the Imagick PHP extension. Impact : A remote attacker, able to upload specially crafted images which will get processed by...

9.8CVSS7.6AI score0.01972EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2020/03/19 12:0 a.m.58 views

PECL Imagick: Arbitrary code execution

Background Imagick is a PHP extension to create and modify images using the ImageMagick library. Description An out-of-bounds write vulnerability was discovered in the Imagick PHP extension. Impact A remote attacker, able to upload specially crafted images which will get processed by Imagick, cou...

9.8CVSS4.9AI score0.01972EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.34 views

openSUSE Security Update : php7-imagick (openSUSE-2020-14)

This update for php7-imagick fixes the following issues : Upgrade to version 3.4.4 : Added : - function Imagick::optimizeImageTransparency - METRICSTRUCTURALSIMILARITYERROR - METRICSTRUCTURALDISSIMILARITYERROR - COMPRESSIONZSTD - https://github.com/facebook/zstd - COMPRESSIONWEBP -...

9.8CVSS7AI score0.01972EPSS
Exploits0References4
Rows per page
Query Builder