177 matches found
CVE-2026-61862
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...
DEBIAN-CVE-2026-61862
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...
CVE-2026-61862 ImageMagick before 7.1.2-26 Information Disclosure via identify
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...
CVE-2026-61862 ImageMagick before 7.1.2-26 Information Disclosure via identify
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...
EUVD-2026-44611
ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...
CVE-2026-55517
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket handshake response, Deno parsed the Sec-WebSocket-Protocol and Sec-WebSocket-Extensions response...
HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
...
CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cowhttpstructhd:escapestring/2 in cowlib only escapes \ and ", passing all other byt...
EEF-CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Summary Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cow\http\struct\hd:escape\string/2 in cowlib only escapes \ and ", passing...
CVE-2026-42544 Granian: Unauthenticated DoS via WebSocket subprotocol header panic
Granian is a Rust HTTP server for Python applications. From 1.2.0 to 2.7.4, Granian aborts a worker process when an unauthenticated client sends a WebSocket upgrade request whose Sec-WebSocket-Protocol header contains non-ASCII bytes. The crash happens in Granian's WebSocket scope construction...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
EUVD-2009-4454
Malware in sbrugna...
EUVD-2009-4456
Malware in sbrugna...
EUVD-2012-2107
Malware in sbrugna...
EUVD-2008-5055
Malware in sbrugna...
EUVD-2012-2923
Malware in sbrugna...
EUVD-2006-3403
Malware in sbrugna...
EUVD-2015-5180
Malware in sbrugna...
EUVD-2022-2817
Malicious code in bioql PyPI...
EUVD-2022-5487
Malicious code in bioql PyPI...