Lucene search
K

48 matches found

Cvelist
Cvelist
added 2026/06/10 9:31 p.m.32 views

CVE-2026-46520 ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23...

7.5CVSS0.00441EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 9:31 p.m.8 views

CVE-2026-46520 ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23...

7.5CVSS5.3AI score0.00441EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 9:31 p.m.25 views

CVE-2026-46520

ImageMagick contains a vulnerability (CVE-2026-46520) where reading multiple images with differing dimensions can trigger an out-of-bounds heap write in the IPL decoder. Affected releases prior to the patch are 6.9.13-48 and 7.1.2-23; the issue is fixed in those versions. The CVSS metrics indicat...

7.5CVSS5.3AI score0.00441EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Slican多款产品 安全漏洞

Slican IPL is a product of the Polish company Slican. Slican IPL is an Internet Protocol private branch exchange. Slican IPM is an IP phone exchange server. Slican CCT is a series of enterprise communication and IP phone exchange systems. Several Slican products have security vulnerabilities; the...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/18 8:36 p.m.14 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the IPL decoder when processing multiple images with differing dimensions. An attacker can cause a denial of service by supplying specially crafted image files that trigger an out-of-bounds heap write. Remediation...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.10 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.9 views

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.9 views

Out-of-bounds Write

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.10 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.11 views

Out-of-bounds Write

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:36 p.m.10 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/11 8:25 p.m.11 views

CVE-2026-42224

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

7.6CVSS5.3AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/05/08 11:16 p.m.43 views

CVE-2026-42224

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

7.6CVSS0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/08 10:2 p.m.7 views

CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

7.6CVSS5.4AI score0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 10:2 p.m.21 views

CVE-2026-42224

The CVE-2026-42224 entry concerns ipl/web (Icinga Web components). Prior to version 0.13.1, it is vulnerable to reflected XSS via malformed search requests, enabling an attacker to inject JavaScript that runs in a victim’s browser when visiting a crafted site. The issue is patched in 0.13.1. A re...

7.6CVSS5.3AI score0.00259EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @zalastax/nolb-ipl (npm)

The package @zalastax/nolb-ipl was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-12054 Malicious code in @zalastax/nolb-ipl (npm)

The package @zalastax/nolb-ipl was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2024/08/05 9:15 p.m.1 views

UBUNTU-CVE-2024-41811

ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. CSRF. All affected products, in any version, will be unaffected by this once icinga-php-library is upgraded. Version...

3.9CVSS5.1AI score0.00172EPSS
Exploits0References5
Rows per page
Query Builder