15965 matches found
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
Linux Distros Unpatched Vulnerability : CVE-2025-32022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts o...
Linux Distros Unpatched Vulnerability : CVE-2023-33466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment...
Linux Distros Unpatched Vulnerability : CVE-2018-7442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially...
Linux Distros Unpatched Vulnerability : CVE-2018-4232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTun...
Linux Distros Unpatched Vulnerability : CVE-2019-7283
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp...
Linux Distros Unpatched Vulnerability : CVE-2019-11249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to...
Linux Distros Unpatched Vulnerability : CVE-2009-4490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly...
Linux Distros Unpatched Vulnerability : CVE-2021-28688
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went t...
CVE-2009-20002
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites...
CVE-2010-20112
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including...
CVE-2011-10023
MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...
CVE-2009-20003
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrit...
CVE-2010-20123
The CVE-2010-20123 entry concerns Steinberg MyMP3Player (version 3.0, build 3.0.0.67). It describes a stack-based buffer overflow triggered while parsing .m3u playlist files, due to improper validation of input length in the playlist data. The vulnerability allows an attacker to overwrite memory ...
CVE-2010-20007 Seagull FTP v3.3 Build 409 Stack Buffer Overflow
Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...
CVE-2010-20007
Seagull FTP Client = v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly...
CVE-2009-20002
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites...
CVE-2010-20034
Gekko Manager FTP Client = 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the...