Lucene search
+L

15 matches found

cvelist
cvelist
added 5 days ago37 views

CVE-2026-61465 ImageMagick before 7.1.2-26 Memory Allocation Policy Bypass

ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of...

4.8CVSS0.00173EPSS
Exploits0References2
ptsecurity
ptsecurity
added 5 days ago7 views

PT-2026-57443

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-26 ImageMagick versions prior to 6.9.13-51 Description ImageMagick fails to verify the allowed memory allocation limit during matrix-backed operations, such as the -canny operation. A remote attacker can...

6.5CVSS6.1AI score0.00173EPSS
Exploits0References18
cve
cve
added 2026/06/23 12:12 p.m.19 views

CVE-2026-56225

Capgo before 12.128.2 has an authorization bypass in public API key management handlers (get/put/delete/post). Keys created with mode=all but limited_to_apps are not checked against limited_to_apps, only limited_to_orgs, allowing an app-scoped key to enumerate, update, and delete sibling API keys...

8.7CVSS5.9AI score0.00292EPSS
Exploits0References2
redhat
redhat
added 2024/09/04 12:15 a.m.6 views

kernel: mm: avoid overflows in dirty throttling logic

A vulnerability was found in the Linux kernel's memory management subsystem where a lack of proper size checks on dirty limits can lead to situations where large dirty limits end up being larger than 32-bits, resulting in potential overflows and divisions by 0. This can cause memory corruption,...

4.4CVSS6.8AI score0.00244EPSS
Exploits0References5
veracode
veracode
added 2023/08/07 2:18 a.m.24 views

Email Spamming

rdiffweb is vulnerable to Email Spamming. The vulnerability exists because there is no rate limit checks in the pageprefnotification.py, which allows an attacker to spam the victim's mailbox, causing additional expenses for the organization...

6.5CVSS6.7AI score0.00405EPSS
Exploits1References4Affected Software1
susecve
susecve
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2621

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via 1 an incomplete request or 2 a request with a large header size, related to a HttpMsg.cc and b clientside.cc...

5CVSS6.9AI score0.23049EPSS
Exploits0References3
code423n4
code423n4
added 2022/12/12 12:0 a.m.16 views

A whale user is able to cause freeze of funds of other users by bypassing withdraw limit

Lines of code Vulnerability details Description In Collateral.sol, users may withdraw underlying tokens using withdraw. Importantly, the withdrawal must be approved by withdrawHook if set: function withdrawuint256 amount external override nonReentrant uint256 baseTokenAmount = amount...

6.9AI score
Exploits0
github
github
added 2022/05/25 10:34 p.m.28 views

Denial-of-service vulnerability processing large chat messages containing many newlines

Impact PocketMine-MP caps maximum chat message length at 512 Unicode characters, or about 2048 bytes. No more than 2 chat messages may be sent per tick. However, due to legacy reasons, incoming chat message blobs are split by \n, and each part is treated as a separate message, the length of each...

6.8AI score
Exploits0References2Affected Software1
osv
osv
added 2019/10/31 2:15 p.m.1 views

ALPINE-CVE-2019-18425

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...

9.8CVSS6.8AI score0.02546EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2017/06/23 12:0 a.m.5 views

The vulnerability of the Stack Guard-Page mechanism implemented in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the Stack Guard-Page mechanism in the Linux operating system’s kernel is related to insufficient checking of the values of arguments and pointers to ensure they match the values of R LIMITSTACK/RLIMINFINITY. Exploiting this vulnerability could allow a local attacker to trigge...

7.8CVSS6.4AI score0.00899EPSS
Exploits0References32Affected Software2
veracode
veracode
added 2016/12/30 8:37 a.m.10 views

Denial Of Service (DoS)

wger is vulnerable to denial-of-service DoS attacks. The vulnerability exists as there are no limit checks in the csv upload functionality and it is exploitable by importing large size csv...

6.7AI score
Exploits0
osv
osv
added 2015/10/15 1:14 p.m.4 views

SUSE-SU-2015:1790-1 Security update for icu

icu was updated to fix one security issue. This security issue was fixed: - CVE-2014-9654: Insufficient size limit checks in regular expression compiler bsc917129...

9.8CVSS9.3AI score0.02422EPSS
Exploits0References3
nessus
nessus
added 2015/06/26 12:0 a.m.20 views

SUSE SLED11 / SLES11 Security Update : icu (SUSE-SU-2015:1144-1)

This update fixes the following security issue in icu : CVE-2014-9654: insufficient size limit checks in regular expression compiler bsc917129 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

9.8CVSS8.1AI score0.02422EPSS
Exploits0References5
nessus
nessus
added 2015/05/20 12:0 a.m.28 views

SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2015:0458-1)

icu was updated to fix one security issue. This security issue was fixed : - CVE-2014-9654: Insufficient size limit checks in regular expression compiler bnc917129. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable h...

9.8CVSS8.2AI score0.02422EPSS
Exploits0References4
osv
osv
added 2015/03/02 4:37 p.m.6 views

SUSE-SU-2015:0458-1 Security update for icu

icu was updated to fix one security issue. This security issue was fixed: - CVE-2014-9654: Insufficient size limit checks in regular expression compiler bnc917129...

9.8CVSS9.3AI score0.02422EPSS
Exploits0References3
Rows per page
Query Builder