Lucene search
K

3170 matches found

Snyk
Snyk
added 2026/05/22 1:14 p.m.13 views

Information Exposure

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS5.8AI score0.00109EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 1:14 p.m.12 views

Information Exposure

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.8AI score0.00109EPSS
Exploits0References2
OSV
OSV
added 2026/05/22 1:11 p.m.16 views

GHSA-4G75-9R48-JF92 ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met...

4.1CVSS5.8AI score0.00077EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/22 1:11 p.m.19 views

ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met...

4.1CVSS5.8AI score0.00077EPSS
Exploits0References3Affected Software17
OSV
OSV
added 2026/05/22 1:10 p.m.11 views

GHSA-P93H-F2JC-477J ImageMagick: Heap Buffer Over-Write in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process...

4.1CVSS5.9AI score0.00092EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.14 views

PT-2026-42813

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The distributed pixel cache was originally designed to operate without a challenge-response authentication model, which is a security mechanism where one party...

7.5CVSS5.4AI score0.00495EPSS
Exploits0References130
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.11 views

FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References6
CVE
CVE
added 2026/05/20 4:27 p.m.22 views

CVE-2026-7613

CVE-2026-7613 affects the Cost of Goods by PixelYourSite plugin for WordPress. It allows unauthenticated Stored XSS via csvdata[0][cost_of_goods_value] in versions up to 1.2.12 due to insufficient input sanitization and output escaping, enabling arbitrary scripts to run on pages loaded by users. ...

7.2CVSS6AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 4:27 p.m.10 views

EUVD-2026-31126

The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csvdata0costofgoodsvalue' parameter in versions up to, and including, 1.2.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacke...

7.2CVSS6AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libjpeg-turbo

LibJPEG 9c has a major issue with a large loop, as the readPixel function in rdtarga.c improperly handles EOF situations...

7.5CVSS6.3AI score0.03162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in imagemagick

In the functions CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all part of /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations that were used with the floor function. These calculations resulted ...

5.5CVSS6.7AI score0.01172EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in imagemagick

In the IntensityCompare function in /magick/quantize.c, there are calls to PixelPacketIntensity, which may return overflowing values to the caller when ImageMagick processes a crafted input file. To address this issue, the patch introduces and utilizes the ConstrainPixelIntensity function. This...

4.3CVSS6.5AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update the logic to calculate the D value for RCG. The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3, and the final D value calculated results in underflow errors. As...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 10:0 p.m.13 views

FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

7.5CVSS6.2AI score0.00398EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 9:56 p.m.35 views

FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/19 9:51 p.m.9 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the decodemaskimage function. An attacker can cause a heap buffer overflow by providing a crafted HEIF file containing a mask image where the iloc extent exceeds the allocated pixel buffer, leading to...

7.1CVSS6AI score0.00343EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 9:16 p.m.19 views

CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 9:16 p.m.7 views

UBUNTU-CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/19 9:16 p.m.11 views

CVE-2026-32741

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...

7.1CVSS5.9AI score0.00343EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 7:57 p.m.37 views

CVE-2026-32741 libheif has a heap buffer overflow in decode_mask_image()

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...

7.1CVSS0.00343EPSS
Exploits0References2
Rows per page
Query Builder