Lucene search
K

750 matches found

CNVD
CNVD
added 2026/03/19 12:0 a.m.8 views

ImageMagick Buffer Overflow Vulnerability (CNVD-2026-16617)

ImageMagick is ImageMagick open source set of open source image processing software. Can read, convert or write images in a variety of formats. ImageMagick suffers from a buffer overflow vulnerability that originates beyond the end of the write stack buffer when a memory allocation failure occurs...

6.7CVSS6.1AI score0.00096EPSS
Exploits0
OSV
OSV
added 2026/03/18 6:16 p.m.2 views

DEBIAN-CVE-2026-23260

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on masstoregfp failure regcachemaplewrite allocates a new block 'entry' to merge adjacent ranges and then stores it with masstoregfp. When masstoregfp fails, the new 'entry' remains allocated and is neve...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/03/18 6:16 p.m.7 views

UBUNTU-CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:1 p.m.3 views

CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

5.6AI score0.00122EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.6 views

ImageMagick 安全漏洞

ImageMagick is ImageMagick open source set of open source image processing software. Can read, convert or write images in a variety of formats. ImageMagick suffers from a buffer overflow vulnerability that originates beyond the end of the write stack buffer when a memory allocation failure occurs...

6.7CVSS6AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2026/02/25 7:15 p.m.4 views

GHSA-GQ5V-QF8Q-FP77 ImageMagick: Heap-based Buffer Overflow in GetPixelIndex due to metadata-cache desynchronization

OpenPixelCache updates image channel metadata before attempting pixel cache memory allocation. When both memory and disk allocation fail a heap-buffer-overflow read in occurs in any writer that calls GetPixelIndex...

3.3CVSS5.5AI score
Exploits0References3
Snyk
Snyk
added 2026/02/25 7:15 p.m.6 views

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

3.3CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2026/02/25 7:12 p.m.4 views

Use After Free

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.8 views

Use After Free

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/02/25 7:12 p.m.6 views

GHSA-3J4X-RWRX-XXJ9 mageMagick has a possible use-after-free write in its PDB decoder

A use-after-free vulnerability exists in the PDB decoder that will use a stale pointer when a memory allocation fails and that could result in a crash or a single zero byte write. ==4033155==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 pc 0x5589c1971b24 bp...

3.7CVSS5.6AI score
Exploits0References4
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.4 views

Use After Free

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.7 views

Use After Free

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the PDB decoder when a memory allocation fails, leading to the use of a stale pointer. An attacker can cause a crash or trigger a single zero byte write by providing specially crafted input files. Remediation A fix was...

6.3CVSS5.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/25 3:20 p.m.4 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/25 4:10 a.m.5 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/11 12:25 a.m.3 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/31 12:0 a.m.5 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release allocated resources when memory allocation fails, potentially leading to...

5.8AI score0.00222EPSS
Exploits0References5
OSV
OSV
added 2026/01/30 11:17 a.m.5 views

SUSE-SU-2026:0348-1 Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.18: - CVE-2025-13878: Fixed incorrect length checks for BRID and HHIT records bsc1256997 Feature Changes: Add more information to the rndc recursing output about fetches. Reduce the number of outgoing queries. Provide more...

7.5CVSS6.1AI score0.08219EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/27 5:52 p.m.4 views

CVE-2026-0918

The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can...

7.1CVSS5.9AI score0.00682EPSS
Exploits0References7
Rows per page
Query Builder