Lucene search
+L

1190 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argumen...

6CVSS6.2AI score0.00207EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/07/10 8:10 p.m.7 views

CVE-2026-53449

A flaw was found in Coturn, an open-source TURN and STUN server. An authenticated administrator with command-line interface CLI access could exploit a vulnerability in the psd print sessions dump command. This flaw allows the administrator to overwrite arbitrary files on the system that are...

6CVSS6.2AI score0.00207EPSS
Exploits1References6
OSV
OSV
added 2026/07/10 7:17 p.m.3 views

DEBIAN-CVE-2026-53449

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS6.2AI score0.00207EPSS
Exploits1References1
NVD
NVD
added 2026/07/10 7:17 p.m.8 views

CVE-2026-53449

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS0.00207EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/07/10 5:59 p.m.38 views

CVE-2026-53449 Coturn: Arbitrary File Write via CLI psd Command

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS0.00207EPSS
Exploits1References3
CVE
CVE
added 2026/07/10 5:59 p.m.19 views

CVE-2026-53449

CVE-2026-53449 — Coturn : Before 4.13.0, the psd print sessions dump CLI command accepts a filename argument and passes it directly to fopen without path validation, enabling an authenticated admin with CLI access to overwrite arbitrary files writable by the coturn process with session dump data....

6CVSS6.2AI score0.00207EPSS
Exploits1References3Affected Software1
Circl
Circl
added 2026/07/10 12:35 a.m.7 views

CVE-2026-49836

creationtimestamp| type| source ---|---|--- 2026-07-10 00:35:09+00:00| published-proof-of-concept| https://github.com/psd-tools/psd-tools/security/advisories/GHSA-2rmg-vrx8-9j2f...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/07/09 12:49 p.m.3 views

OESA-2026-2881 gimp security update

Security Fixes: An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS.CVE-2022-32990 GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...

7.8CVSS7.1AI score0.00755EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.11 views

PT-2026-57023

Name of the Vulnerable Software and Affected Versions psd-tools versions prior to 1.17.1 Description An issue exists where the SmartObject.save function writes embedded smart objects to a path taken directly from a PSD file without sanitization. This allows an attacker to use absolute paths or...

4.6CVSS6.2AI score
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2026/07/08 12:0 a.m.6 views

The vulnerability of ImageMagick’s PSD format file processor allows attackers to compromise the confidentiality of protected information.

The vulnerability of ImageMagick’s PSD format file processor relates to reading data beyond the permitted range of memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality of the protected information...

7.8CVSS7.2AI score0.00348EPSS
Exploits0References6Affected Software5
OSV
OSV
added 2026/07/07 9:16 a.m.2 views

DEBIAN-CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References1
NVD
NVD
added 2026/07/07 9:16 a.m.14 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS0.00219EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/07/07 7:44 a.m.5 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2026/07/07 7:44 a.m.6 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1
CVE
CVE
added 2026/07/07 7:44 a.m.26 views

CVE-2026-58384

The CVE concerns GIMP’s PSD parser. An integer overflow in read_RLE_channel() triggers an undersized heap allocation for the RLE row-length table, after which per-row writes corrupt heap memory. This can lead to memory corruption with potential denial of service or arbitrary code execution. Docum...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References5Affected Software2
AlpineLinux
AlpineLinux
added 2026/07/07 7:44 a.m.7 views

CVE-2026-58384

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.8CVSS6.2AI score0.00219EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/07/07 7:44 a.m.42 views

CVE-2026-58384 Gimp: gimp: integer overflow in read_rle_channel()

A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitra...

7.3CVSS0.00219EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-58384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP's PSD parser. An integer overflow in readRLEchannel can cause an undersized heap allocation for the RLE row-length table, after which...

7.8CVSS5.6AI score0.00219EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/29 10:3 a.m.7 views

ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder

A flaw was found in ImageMagick. A missing check in the PSD Photoshop Document decoder allows an attacker to bypass the list-length resource policy when processing a specially crafted PSD image. This could lead to a denial of service DoS condition by consuming excessive resources...

7.5CVSS5.7AI score0.00495EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.10 views

RHEL 7 : ImageMagick (RHSA-2026:32961)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32961 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixe...

9.2CVSS6.9AI score0.01849EPSS
Exploits4References20
Rows per page
Query Builder