Lucene search
K

145 matches found

CVE
CVE
added 2026/06/12 8:30 p.m.25 views

CVE-2026-54394

The CVE-2026-54394 entry describes a path traversal vulnerability in MISP's OrganisationsController::getOrgLogo. The vulnerable code constructs paths to organisation logos using fields like id, name, and uuid without enforcing that the resolved path stays under APP/files/img/orgs/. An attacker ab...

5.3CVSS5.6AI score0.00319EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in openjpeg2

A heap-buffer overflow was discovered in the way openjpeg2 handles certain PNG format files. An attacker could exploit this flaw to cause an application to crash, or in some cases to execute arbitrary code with the permission of the user running such an application...

7.8CVSS7.6AI score0.02008EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/27 2:24 p.m.6 views

CVE-2021-27506

The ClamAV Engine version 0.103.1 and below component embedded in Storsmshield Network Security SNS is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1...

5.5CVSS6.6AI score0.01312EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.7 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libpng vulnerabilities (USN-8035-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8035-1 advisory. It was discovered that the libpng simplified API incorrectly processed palette PNG images with partial transparency and gamma...

8.3CVSS6.7AI score0.00955EPSS
Exploits4References5
RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.16 views

CVE-2022-37374

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.0077EPSS
Exploits0References1
CVE
CVE
added 2026/01/07 8:25 p.m.16 views

CVE-2026-22190

Summary of CVE-2026-22190 (Panda3D) Affected: Panda3D up to and including 1.10.16, specifically the egg-mkfont utility. Vulnerability: Uncontrolled format string in the -gp (glyph pattern) option. The option is passed directly as the format string to sprintf() with only one argument. If an attack...

7.5CVSS5.7AI score0.00312EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.6 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : libpng vulnerabilities (USN-7924-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7924-1 advisory. It was discovered that libpng incorrectly handled memory when processing certain PNG file...

7.1CVSS5.7AI score0.00281EPSS
Exploits5References5
FreeBSD
FreeBSD
added 2025/12/03 12:0 a.m.7 views

png -- Out-of-bounds read

https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f reports: Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency an...

7.1CVSS6.8AI score0.00299EPSS
Exploits2References1
Wordfence Blog
Wordfence Blog
added 2025/10/29 3:46 p.m.11 views

Rogue WordPress Plugin Conceals Multi-Tiered Credit Card Skimmers in Fake PNG Files

The Wordfence Threat Intelligence Team recently discovered a sophisticated malware campaign targeting WordPress e-commerce sites, specifically those using the WooCommerce plugin. This malware exhibits advanced features including custom encryption methods, fake images used to conceal malicious...

7.2AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-5877

Malware in sbrugna...

5CVSS6AI score0.02558EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-21757

Malware in sbrugna...

5.5CVSS5.6AI score0.0104EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7617

Malware in sbrugna...

7.8CVSS4.5AI score0.04889EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-9351

Malware in sbrugna...

6.5CVSS7.3AI score0.03526EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-6188

Malware in sbrugna...

7.1CVSS6AI score0.02313EPSS
Exploits0References19
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2944

Malware in sbrugna...

8.8CVSS8.6AI score0.01359EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1927

Malware in sbrugna...

6.8CVSS6AI score0.05466EPSS
Exploits1References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2010-0236

Malware in sbrugna...

4.3CVSS8.9AI score0.04208EPSS
Exploits0References40
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20315

Malware in sbrugna...

7.8CVSS7AI score0.02008EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-50085

Malicious code in bioql PyPI...

3.3CVSS4.4AI score0.0025EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7148

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01515EPSS
Exploits0References7
Rows per page
Query Builder