Lucene search
K

532 matches found

SUSE CVE
SUSE CVE
added 2026/06/12 2:26 a.m.7 views

SUSE CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.4AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 11:33 p.m.9 views

CVE-2026-45359

A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...

7.1CVSS5.2AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 10:16 p.m.10 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS0.00122EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 9:26 p.m.49 views

CVE-2026-45359

ImageMagick vulnerability CVE-2026-45359: an invalid connected-components:keep-top value can cause a heap buffer over-read during the connected components operation in affected releases prior to 6.9.13-48 and 7.1.2-22; patched in those versions. Upgrade to 6.9.13-48 or 7.1.2-22 to remediate.

7.1CVSS5.5AI score0.00122EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/10 9:26 p.m.9 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS5.5AI score0.00122EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/10 9:26 p.m.29 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS0.00122EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/10 9:26 p.m.9 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

7.1CVSS5.5AI score0.00122EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/10 9:26 p.m.8 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 6.9.13-48 and 7.1.2-22 contained a buffer error vulnerability. This vulnerability stemmed...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 12:9 a.m.10 views

GHSA-2VQW-3MP8-CGMX Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections

Impact Puma is vulnerable to source IP spoofing when setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. Support was added to Puma in v5.5.0. A proxy sends one PROXY header at the beginning of a TCP connection, befo...

7.5CVSS5.5AI score0.00015EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/09 12:9 a.m.10 views

Puma PROXY Protocol v1 Accepts Repeated Protocol Headers on Persistent Connections

Impact Puma is vulnerable to source IP spoofing when setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used. PROXY protocol v1 is a connection-level protocol. Support was added to Puma in v5.5.0. A proxy sends one PROXY header at the beginning of a TCP connection, befo...

5.5AI score0.00015EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/06/05 5:8 p.m.9 views

User Impersonation

Overview puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as as providing process...

8.7CVSS5.5AI score0.00015EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/05 12:0 a.m.5 views

Security update for perl-HTTP-Tiny (moderate)

openSUSE Security Update: Security update for perl-HTTP-Tiny Announcement ID: openSUSE-SU-2026:0191-1 Rating: moderate References: 1264992 Cross-References: CVE-2026-7010 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description:This...

6.5CVSS6AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.17 views

CVE-2026-49753

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 in...

6.3CVSS0.00301EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/02 2:15 p.m.8 views

CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 in...

6.3CVSS5.8AI score0.00301EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45786

Summary Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.content length header/1...

6.3CVSS5.8AI score0.00301EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-22 Vulnerability

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior 7.1.2-22. It is, therefore, affected by a vulnerability. — An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...

7.1CVSS6AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.16 views

openSUSE 16 Security Update : perl-HTTP-Tiny (openSUSE-SU-2026:20792-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20792-1 advisory. Changes in perl-HTTP-Tiny: - updated to 0.094 0.094 - No changes from 0.093-TRIAL 0.093 - fix to prevent invalid characters in all headers, and prevent...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2026/05/25 9:5 a.m.7 views

OPENSUSE-SU-2026:20792-1 Security update for perl-HTTP-Tiny

This update for perl-HTTP-Tiny fixes the following issues: Changes in perl-HTTP-Tiny: - updated to 0.094 0.094 - No changes from 0.093-TRIAL 0.093 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 bsc1264992 - updated to 0.092 0.092 - No changes from...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.7 views

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.9CVSS5.8AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder