Lucene search
K

15965 matches found

OSV
OSV
added 2025/08/26 5:20 p.m.4 views

CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...

7.5CVSS7.7AI score0.04065EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/08/26 5:20 p.m.9 views

CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...

7.5CVSS0.04065EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2025/08/26 5:20 p.m.2 views

CVE-2025-55298

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...

8.8CVSS8.3AI score0.04065EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-32022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts o...

4.6CVSS5.9AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-33466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment...

8.8CVSS7.3AI score0.0415EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-7442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially...

9.1CVSS8.2AI score0.02065EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-4232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTun...

4.3CVSS6.5AI score0.02162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-7283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp...

7.4CVSS7AI score0.01976EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-11249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to...

6.5CVSS6.4AI score0.03732EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2009-4490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly...

5CVSS7.6AI score0.1027EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-28688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went t...

6.5CVSS6.7AI score0.00332EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/23 9:22 p.m.5 views

CVE-2009-20002

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites...

8.4CVSS7.8AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/23 8:13 p.m.4 views

CVE-2010-20112

Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including...

9.3CVSS7.6AI score0.01046EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 4:35 p.m.4 views

CVE-2011-10023

MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...

8.4CVSS8AI score0.00324EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:15 p.m.6 views

CVE-2009-20003

Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrit...

8.4CVSS6.4AI score0.0031EPSS
Exploits0References6
CVE
CVE
added 2025/08/21 8:14 p.m.17 views

CVE-2010-20123

The CVE-2010-20123 entry concerns Steinberg MyMP3Player (version 3.0, build 3.0.0.67). It describes a stack-based buffer overflow triggered while parsing .m3u playlist files, due to improper validation of input length in the playlist data. The vulnerability allows an attacker to overwrite memory ...

8.4CVSS8AI score0.00322EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/21 8:13 p.m.13 views

CVE-2010-20007 Seagull FTP v3.3 Build 409 Stack Buffer Overflow

Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...

8.5CVSS0.00476EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:13 p.m.5 views

CVE-2010-20007

Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...

8.5CVSS6.7AI score0.00476EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:13 p.m.4 views

CVE-2009-20002

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites...

8.4CVSS6.3AI score0.00453EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:12 p.m.6 views

CVE-2010-20034

Gekko Manager FTP Client = 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the...

8.5CVSS6.4AI score0.00476EPSS
Exploits0References5
Rows per page
Query Builder