Lucene search
K

281 matches found

Snyk
Snyk
added 2026/02/25 7:12 p.m.6 views

Use After Free

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.8 views

Use After Free

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/02/25 7:12 p.m.6 views

GHSA-3J4X-RWRX-XXJ9 mageMagick has a possible use-after-free write in its PDB decoder

A use-after-free vulnerability exists in the PDB decoder that will use a stale pointer when a memory allocation fails and that could result in a crash or a single zero byte write. ==4033155==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 pc 0x5589c1971b24 bp...

3.7CVSS5.6AI score
Exploits0References4
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.4 views

Use After Free

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.3CVSS6AI score
Exploits0References2
Packet Storm
Packet Storm
added 2026/02/25 12:0 a.m.121 views

📄 Calibre 9.2.1 Path Traversal / Arbitrary File Write

Calibre versions 9.2.1 and below are vulnerable to a path traversal flaw in the PDB file parser, affecting both the 132-byte and 202-byte header variants of the PDB reader implementation. The vulnerability allows a specially crafted PDB file to embed directory traversal sequences such as ../ with...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/20 11:32 a.m.6 views

CVE-2026-26065

A flaw was found in calibre. This path traversal vulnerability allows a local user to write arbitrary files with arbitrary content and extensions to any location where the user has write permissions. This occurs when processing specially crafted PDB Program Database e-book files. Successful...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References2
OSV
OSV
added 2026/02/20 2:16 a.m.7 views

DEBIAN-CVE-2026-26065

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

8.8CVSS6.2AI score0.0052EPSS
Exploits1References1
OSV
OSV
added 2026/02/20 2:16 a.m.3 views

UBUNTU-CVE-2026-26065

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/02/20 2:16 a.m.4 views

CVE-2026-26065

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References3
OSV
OSV
added 2026/02/20 1:54 a.m.5 views

CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References4
CVE
CVE
added 2026/02/20 1:54 a.m.28 views

CVE-2026-26065

Calibre versions 9.2.1 and earlier are affected by a path traversal vulnerability in PDB readers (two header variants) that allows arbitrary file writes with any extension and content, potentially enabling code execution and DoS via file corruption. The issue impacts all write-permitted locations...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/20 1:54 a.m.28 views

CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

9.3CVSS0.0052EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/02/20 1:54 a.m.7 views

CVE-2026-26065

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal through PDB readers both 132-byte and 202-byte header variants that allow arbitrary file writes with arbitrary extension and arbitrary...

9.3CVSS6.2AI score0.0052EPSS
Exploits1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

Calibre 路径遍历漏洞

Calibre is an open-source, free tool developed by Kovid Goyal, a personal developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Calibre versions 9.2.1 and earlier had a path traversal vulnerability. This vulnerability stemmed from a path traversa...

9.3CVSS6AI score0.0052EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-26065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below are vulnerable to Path Traversal...

9.3CVSS6.3AI score0.0052EPSS
Exploits1References2
NVD
NVD
added 2026/02/08 10:15 p.m.7 views

CVE-2026-2188

A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been...

8.6CVSS0.06413EPSS
Exploits1References4
Rows per page
Query Builder